one.com webhost blocked

[STL]

MBAM IP blocking blocks my webhost one.com, and this causes my site to be blocked too. IP 195.47.247.121

PLease remove blocking

[MysteryFCM]

The /24 was blocked due to the presence of 350+ exploits across the range with no response from their abuse dept. I'll run through them again and see if they've taken action yet, and remove the block if so.

[STL]

The /24 was blocked due to the presence of 350+ exploits across the range with no response from their abuse dept. I'll run through them again and see if they've taken action yet, and remove the block if so.

Thanks MysteryFCM

[MysteryFCM]

I've been through all of the outstanding cases on this range, and sadly, there's still 77 active cases (approx 40% were suspended, with a further 10-20%, being cleaned or taken down). Further, whilst alot of the URL's themselves had their files removed, there are still exploits present on their homepages. All except 2 of the cases, are hacked websites.

I've dropped their abuse dept another e-mail with a list of the outstanding cases, so the block will be removed once these lot are taken care of (or at least, the majority are taken care of - they're still sadly, spread across the range, instead of just being stuck to a couple or so IP's on the range).

[onecom]

I work on One.com and am responsible for the abuse department. We do (or rather did) have a lot of sites infected with malware and have until some weeks ago not prioritized this very much.

We have now developed a system to handle this sites and we now contact all customers where we find malware. If the customer doesn't remove the malware and fix his/her security problems within a week the account is suspended.

So far we have contacted 400-500 customers. Hopefully you will see a drop in the number of infected sites. Also note that we host over 750 000 domains on this IP range.

MysteryFCM, I found your report from 11/25/2009. A colleague handled this one and I can not see exactly what was found for each domain. Some domains were suspended and some were not (most likely because we could not find any problem on that domain). I have answered your report from today, asking for more information since the report seemed a bit unclear. But I will investigate these cases today and suspend all accounts where I find problems.

[MysteryFCM]

Thanks for dropping by, and for letting me know.

[STL]

Thanks to MysteryFCM, and i am glad that one.com is working on this issue now. I am running a security forum much like this, and i am looking forward to get this issue resolved, as it is quite embarrasing for us.

[onecom]

All cases reported by MysteryFCM have now been checked. I have sent him a mail with more details. 75% of the reported cases are now suspended, the other seems to be clean.