- <LISTENER>
<HOSTNAME>66.28.153.46</HOSTNAME>
<USERAGENT>WinampMPEG/2.7</USERAGENT>
<UNDERRUNS>0</UNDERRUNS>
<CONNECTTIME>19706</CONNECTTIME>
<POINTER>4</POINTER>
<UID>45</UID>
</LISTENER>
- <LISTENER>
<HOSTNAME>66.28.153.46</HOSTNAME>
<USERAGENT>WinampMPEG/2.7</USERAGENT>
<UNDERRUNS>0</UNDERRUNS>
<CONNECTTIME>19705</CONNECTTIME>
<POINTER>5</POINTER>
<UID>46</UID>
</LISTENER>



what goes on??

Could be a firewall or router and two people connecting from behind it.

I'd say it is the RIAA's little flooding device. I had same IP using all my streams at once .. and they want us to pay per listener-per song .. they got a way to up their revenue .. or I may be paranoid.

IP resolves to this (and I have blocked the whole entire netblock at my firewall)

Cogent Communications (NETBLK-COGENT-NB-0000)
1015 31st Street, NW
Washington, DC 20007
US

Netname: COGENT-NB-0000
Netblock: 66.28.0.0 - 66.28.255.255

Those IP addresses that Procrastinator mentioned and that org named COGENT are popping up on both my streams as well. I suspected something icky and now I am sure of it. They be banned...

Cogent is a low cost bandwidth carrier (http://cogentco.com/home.html), I doubt they are doing anything it's their customers. What they're up to who knows... they could be listening or they could be doing something else.

Tom

Well .. for a low bandwidth provider they can sure suck all 15 of my streams at one time ... I play 80s crap .. rick probably something else ... and spookz probably something else. For low bandwidth I cannot imagine they have that many users with that many different tastes in music hogging up all our streams at most likely the same time ... or I may still be paranoid :weird:

Hi,

It's very interesting. I have monitored the listeners ip's for a while and guess what? The next ip's are questionable.
66.28.153.45
66.28.153.46
66.28.153.47

From time to time these ip's turn up. I can't kick them, unless I ban them.

Is there someone who knows a bit more about these ip's. I like to know what organization is behind this.

Thanks

Ken Holland

To find who owns a netblock (block of IP addresses) use http://www.arin.net

Be careful in using DNS resolutions for name info on IP address, in many cases an backbone provider may provide services to many ISP's under it. These ISP's may also provide services to other ISP's and so on. So if you used DNS to check an IP that resolved to dialup-53-ny.something1.com it does not necessarily mean that www.something1.com is responsible. Name service (DNS) simply points to an IP, any number of people may be using a particular IP at any given time.

To determine who was using an IP owned by a provider you can locate that provider by using Arin (American Registry for Internet Numbers) which is the company responsible for allocating the Internet Protocol within the US.

In a case where an IP is owned by another registry, in another country, Arin will provide the URL for that particular registry. You may go there and use their whois database to determine the owner of a net block.

Meanwhile, a bunch of stations hype out
on an internet radio fan's address somewhere
in D.C., adding hype to paranoia and suspicion
to conspiracy theory.

I feel sorry for the loyal fan,
and the stations that are freaking
out about that IP.

Either that, or you are all right...
Time to start ganging up on suspiciously
loyal listeners.

Sheesh.

Gordon
synerdata radio

Click Here - To Listen to SYNERDATA.COM Radio - 128k (http://synerdata.2y.net/listen.pls)

That same IP, 66.28.153.46, has been listening to my stream as well. I haven't noticed anything really suspicious about it, but it is strange the address has been connecting to so many streams.

i think Sound Selecta had the more plausible explanation

It has nothing to do with a loyal listener.
A few days ago the station software crashed. There was no music for at least 12 hours. And guess what? The ip as described as above was still connected. A loyal listener? If you like silentness perhaps.

It happend today again.

Software crashed. For three hours no music. Two listeners with the same ip were connected. (Winamp and Freeamp) There was no music!

I don't know what it is but I really think that people are ripping of streams. Especially 128kbs streams are populair.

Loyal listeners right?

While I can not condone hyping out on a listener's address,
such as in this case, I feel moved to mention that station
operators should expect that there are numerous interests
in both D.C. and otherwhere (especially at this time), who
may be most concertedly archiving station streams for many
number's of reasons, ranging from american national security
to the studies of congress to those who find advantage in a
process of forcing stations who play commercial music (back
now) to either pay various potentially impending exorbitant
extortion fees, or be shut down, a little later.

(ie: evidence that stations play commercial music back now
may be applied to removing them from competition later on,
unless they are able to afford the potentially impending
circa US$1 million network station commercial music fee.)

While criminal activity such as ripping streams should be expected
from the interests of the commercial music cartels for the purpose
of incarcerating competition from the once level playing fields
of global network stream radio, I do not say that it is anything
to be concerned about.

As a (radio) service provider, and apart from visibly malicious
activities (such as clearly evident stream ripping et al) one
should bear in mind that our listeners have a full spectrum
of listening habits and loyalties and the like, and even if
there were some dark underground secret stream archiving operation,
it should be concidered, at the very least, "expected" by all
station operators (especially at this juncture), and that, furthermore, it should not be reason for alarm or reactivity
on the part of station operators.

Many listeners will wait while a station is off the air, knowing
it would come back. Other times, people will link to a station
that is favored by them, as fans, and leave the stream on, while
away, knowing that it shows their support (chart ratings) for the
station... especially in cases of small stations, where a
listener can know that their presence can make a huge difference
to a station's chart position and the likelyhood that others will
join the station to listen with them. When a station goes off the
air, a listener's sound stream ends, and so there is no reason to
actually stop the stream in winamp, because it is obstensively off
anyways. Furthermore, there appears to be an anomoly in the
shoutcast server... When a stations goes "off the wire", and even
if the listener disconnects, their IP remains listed in shoutcast
stats as still listening until a refresh is performed, even though
they may have disconnected some time ago.

Personally, I think it is better to avoid looking too deeply
into listener stats, lest you enjoy playing mind games with
yourself, or unless there is some concerted issue to attend to,
and that otherwise, the station operator is providing a service,
and it is not the concern of the station operator -who- listens,
nor, (in most cases), how a person listens, nor for how long,
nor from where a person is listening.

As global radio station operators, we avail our streams to all
who seek in kind to listen. Even to agents of the RIAA, to members
of congress and their research associates, DND, etc.

Apart from any information I may or may not have that tends
to indicate otherwise, I concider "66.45", as I call the listener,
a loyal fan of many smaller stations, and I am pleased when 66.45
arrives to show support for my station. If 66.45 or anyone else
behind that IP address is archiving streams, then I feel honored.

Those, however, who are streaming commercial music, who do not have
a proposed c. (**) US$1 million, backwards applicable fee, to pay ransom
to the record cartels, and who are sourcing their streams from within
the US, might do well to concider that they may be seen as
competition by the record cartels, and thus, a target to remove
via the application of laws instigated for that very purpose, in
which case, evidence that those stations are playing commerical
music is like a loaded gun pointed at an honest promoter's head.
In the "war" being waged at this time, honesty and good intentions
to pay commercial artists to play such music is not enough for the
record industry, which seeks to wipe out all competition by anyone
who does not have the billions to go head to head in court against
them, to fight for the right to be a part of "the music business" on earth, which they concider to be their own exclusive territory,
and which they take unmeasurable pride in ruling in their shared
monopoly.

"The music industry" does not recognize the new business of global
internet radio promotion, and seeks to re-affirm it's terrestrial radio coup upon this new kind of business, seeking to force stations
to pay artistic clients to promote their artwork in a blanket militant
legal offensive.

The reality is that the commercial record cartels represent 2% of
the music producers on this planet, while claiming to represent all,
and what they are most afraid of is not illegal copying, nor
competition from the vast non-commercial record industry, but rather,
that the people will realize that the market realities of music
production on earth have changed, and now that the 98% of musicians
previously prevented from accessing the mass media channels can now
reach the people through internet radio, it is a matter of survival
for "the recording industry" to wipe out all competition in this
series of distribution channels, as well, lest the public realize
there are more than 40 good musicians on earth, and support artists
that are not bound into their immoral and unethical money harvesting
machine.

In order to compete, the free "unsigned" artists avail music freely,
usually with the deepest hopes that we shoutcast operators would
play their music, and reach the people with it, whom until now,
the record cartels have concidered not unlike their livestock, whom
they channel at great expense through their overprices cd-rom slaughterhouse(s).

Justice is coming. Quickly.

Otherwise, be kind to your listeners,
and support the 98% of music producers
which the music industry does not want
the public to hear of, so that the people
know that the commercial "record industry"
is just a footnote in the music business...

Compared to the True Market forces Love has now arrayed against it.

Gordon Stark
Synerdata Systems

** [PS: US $ 1 Million fee is an accurate exaggeration of the manner
of wall many commercial record interests are seeking to erect]

synerdata.com (http://synerdata.com)

I use to have the mention above IP connect to me for a log ass time. If it was someone like RIAA or Uncle Sam spying I could care less. More TLH and Improved yp standing for me.

If I see two or more connections from the same ip, I kick the one with the shortest listening time if and only if my station is full.

While I don't monitor the station 24/7, I do check in from time to time, especially during working hours :)

I called the Congent abuse dept who did a trace via telnet with me and pointed me towards Ideaflood Inc. I then emailed their legal dept aswell as their abuse dept and got the following reply


Hi David,


Sorry for any inconvenience. We have been developing software for a new online radio package that we are hoping to market, and so we have picked up a variety of available streams to test the product.


People in our offices have had these streams available to them through the new software, and we have been very happy with the results.


I can understand how you could prefer not to have your streams included, at least while we are in development, and so I will make sure that your streams are no longer used in this phase of the project.


Please send me any info on anyone who would prefer not to have their streams included while we develop or once we release our software, and I will have our system stop including those streams.


Thanks for your email and help. Again, sorry for any trouble.


--Brian Shuster
CEO
Global Reach, Inc.


I can't blame you guys for worrying I was worried too but now we have the answer
:cool:

Although I brought this to the attention of PowerHits and he contacted the legal Dept. and the CEO responded with the following Letter:
=====================================================================
Sorry for any inconvenience. We have been developing software for a new online radio package that we are hoping to market, and so we have picked up a variety of available streams to test the product.

People in our offices have had these streams available to them through the new software, and we have been very happy with the results.

I can understand how you could prefer not to have your streams included, at least while we are in development, and so I will make sure that your streams are no longer used in this phase of the project.

Please send me any info on anyone who would prefer not to have their streams included while we develop or once we release our software, and I will have our system stop including those streams.

Thanks for your email and help. Again, sorry for any trouble.

--Brian Shuster
CEO
Global Reach, Inc.
=====================================================================
This is only My Opion:

I personaly have checked out the IP's Ideaflood.demarc.cogentco.com
Ideaflood if you go to: http://www.loc.gov/copyright/onlinesp/list/i_agents.html

Ideaflood is listed as in the

Directory of Service Provider Agents for Notification of Claims of Infringement

If they are so Legit how come they have to mask 66.28.153 .0 to .255 and have the resources to be on almost every station on Shoutcast.

And what gives them the right to use us for test subjects without Public notification first. So for now IP's Ideaflood
66.28.31.102 Plus 66.250.4.158 plus 66.28.153 .0 to .255 Subnet will
remained on my Ban List.

And I do Daily checks of all IP's sometines several, so if they switch IP's or I find other bandwidth abuser's they also be banned. Parannoia I think not. Envasion on of our streams with out our Knowledge GUILTY....

If we where not always checking God Only know how long they would have been there.

Conclusion on my part if Global Reach, Inc. is Legit and is developing software Like iM Networks they should have gone Public and let us Know. So we could opt in or out of their testing, same should apply to any Company. I'm Proud to be part of the iM Networks but had to go threw the process and apply for affiliate status, maybe other software companies can learn to do the same.

And Not to SLANDER but just to make a comment I think it was poor taste of Global Reach, Inc. to be associated with Ideaflood maybe they are using bandwidth from them. But it does make it look bad for them especially if they are Legit are are truely developing a new software package.

Accept their letter in good faith or opt out to Ban their IP's as I have done. Once again this is just my opion based on IP searching whois I did, and 66.28.153.0 right threw to 66.28.153.255 all are masked and previous hop before it is Ideaflood.demarc.cogentco.com.

Stephen

I can hardly believe how far this has gotten out of hand here.

Anyone can stream my stream. I do not concider it my place
as a station operator to decide which listener listening
habits or reasons for listening are acceptible.

Think about traditional radio. There was no way to even see
if we had a listener, let alone, what the listener was doing
with our broadcast signal, or where the listener was, or who
the "abuse department" is, to contact to make the good listener
seem possibly less than good in their eyes. shame. shame.

Furthermore, any software producer who is producing software
(to make it easier to listen to net radio) would naturally
test that software on the streams available, which is not
listener abuse by any stretch of the imagination.

Shall winamp not listen to our station streams in producing
and testing the new winamp 3 software? Well, it looks like
it better test it's software using it's own stations, since
a number of station operators seem to be very concerned about
people who listen to their radio stations for more than just
predefined entertainment purposes (or whatever).

The occurance of growing curiosity about "66.45" in the
narrowcasting community followed as a natural matter of
course. Now we have discussed the matter together, and
some ardent research has exemplified that there is not a
conspiracy taking place, nor any "abuse" of our servers
and streams.

I apologize to the non-offending company for the understandable,
however, overly and un-duly concerned ruckus that has been made
about it's use of our streams for testing, and no doubt, listening
pleasure, as well, in this thread of highly zealous station
operators.

This is a sad thread.
Lock requested.

Gordon.

What I think this community is experiencing is paronoia due to the constant worry about copyrights and a massive feeling getting it up the ass by stream rippers. I for one find it a waste to worry about which clients use what to do who on my streams, you drive yourself up the wall with that thinking.

Just to throw my two sheckels into the thick of the fray:

When I saw these IP addresses showing up on my server logs several months ago, I did a little research for myself, using the standard tools. In addition, I did random searches for web servers on nearby IP addresses. For example, by typing 'http://66.28.176.xxx' into my browser.

I discovered that virtually every IP address in that range that has a web server running on it, is a porno site, most of them under construction.

Go figger.

-- Jes'

Just letting Everyone know i'm not the FBI, CIA, Caravore. I'm not working for D.C or any polotician, nor am i working for any likes of the music industry. You are not in danger for me. If you still hate me, Great block any ip you want. No need to Slander company names or providers though.

One question, next time i want to listen to the Radio should i call up the station to see if its ok?

no worries these guys are paranoid. they should turn off their streams altogether, then there would be less to worry about.

-amps

It's Me .. if only ir really was you.

I have no concern of anyone listening, or relaying my server. I do however have a problem with this IP sucking up every stream on my main server and two other relays all at the same time. This in effect creats a DOS (Denial Of Service) for my regular listeners since they cannot get a free stream. This is also concidered illegal, a DOS attack, and you can be held for damages. Also, if you would like to relay my server then do it the normal route. I can see your relay reflected in the numbers in the search pages.

Secondly, I have a problem with your company (if it actually is) wanting to supposedly test new software (likely a cover story), hijacking all my streams and then on top of that working for the other guy at the same time (as seen at the link at the Librarian Of Congress website). Conflict of interest if you ask me. Either build you own set of stations for testing or ask folks if you can test on their streams. Silence creates suspicion!

some of you are forgetting that entire buildings can be behind one ip. That equals alot of listeners from one ip.

Well that ip was hitting my server every 5 ro 2 seconds last night for several hours, yet it would never connect as it seems that the software cant connect whan shoutcast tires to redirect on a cluster connection. If someone has a small server that could eat up connections. Personally I think that company should ask permission first if they are going to connect so many times.

Here is a small stats cut and paste


<05/23/02@07:06:56> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:06:57> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:08:04> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:08:05> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:08:29> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:08:29> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:09:01> [dest: 61.146.226.129] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:09:12> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:09:12> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:10:20> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:10:21> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:11:30> [dest: 208.234.66.244] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:11:31> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:11:34> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:11:34> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:12:38> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:12:39> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:13:46> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:13:46> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:14:39> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:14:39> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:14:53> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:14:53> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:16:01> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:16:01> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:17:09> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:17:09> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:17:44> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:17:44> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:18:16> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:18:17> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:19:26> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:19:26> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:20:35> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:20:35> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:20:49> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:20:49> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:21:42> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:22:50> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:22:54> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:23:54> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:23:54> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:23:58> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:23:59> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:24:35> [dest: 62.128.100.50] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:25:06> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:25:06> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:26:13> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:26:14> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:26:58> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:26:58> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:27:22> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:27:22> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:28:29> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:28:30> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:29:38> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:30:03> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:30:03> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:30:46> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:30:46> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:31:53> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:31:54> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:33:00> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:33:01> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:33:07> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:33:07> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:34:08> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:34:09> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:35:11> [dest: 62.128.100.50] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:35:16> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:35:16> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:36:12> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:36:12> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:36:23> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:36:24> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:37:32> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:37:32> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:38:39> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:38:40> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:39:17> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:39:17> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:39:47> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:39:47> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:40:55> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:40:55> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:42:02> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:42:03> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:42:21> [yp_tch] new backup server 213.115.152.12:9120
<05/23/02@07:42:21> [yp_tch] yp.shoutcast.com touched!
<05/23/02@07:43:09> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:43:10> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120
<05/23/02@07:44:17> [dest: 66.28.153.46] service full, redirecting to backup 213.115.152.12:9120

Arek
http://www.futureassassin.com

looks like to me that the client was set to repeat but the client's software does not handle redirects. Nothing real bad just annoying. The fact is if it bothers you ban it, but I was referring to these people who think that because someone has been listening for 13 hours they are the gov't or someone out to get them.

Ok.. I read the whole thread.... here's the boil in bag synopsis...

1) the ip's should have proper reverses set up for them, PERIOD! Not having properly followed RFC's on ip addressing & DNS, they are deliberately not following an internet standard and as such are under suspicion!

The fact that someone went there and found porn again proves that they are trying to hid something because they don't want user complaints, or they don't want to be held liable for what they've got posted on their servers.

If you're on the internet, you should have valid forwards, valid reverses, and should identify where complaints (legit & whiners) can be addressed! Anything else is requesting that Admin's out there hold you in contempt and there for ban or block you from accessing their resources.

And that's the key here.. the resource belongs to the companies and individuals that pay for it. If they decide to allow their servers to be overwhelmed by one user or a few users, then that is their choice, be it they are fair or unfair, its their $$ for their lines, they can do with their streaming what they feel like. (within the bounds of accepted internet behavior, which is again, valid forward & reverse DNS, abuse notification points, etc)

2) Testers should NOT be abusing public stations for massive testing and denying otherwise average users from getting a seat on the smaller stations.

As such, in the operation of a station, I have often kicked listeners off that are over 8 hrs in play time, because we DON'T have unlimited bandwidth, and our goal *IS* to have people experience our streams.

3) At the same time, the average listener should try to find several streams they like...that way they can give up their seat at a small site and move to another station for a while.

Unfortunately there are a few very unique stations out there that have a niche that many people would love to connect into, and in such times when 100% of the available seats are taken, and one person has been on for 2 days.. they get bumped on an admin's call.

Again.. you want to let the same person stream for 5 years, not my concern, but if you bump them, I wouldn't think anything of the less of you.

4) again back to the validity of ip address & reverses.. when you set up a firewall or other proxy server, you generally give it proper naming.. and as such sites thru AOL don't get banned as easily as would an IP with no valid name information returned.

You have to trust that the admin's of the stations do have half a brain, and can see odd behavior, that they would not normally tolerate for any other of THEIR resources, and as such ... again.. I side with the kicker's of this thread.. kick 'um, ban 'um, so long as you can justify it to yourself or your boss if in that type of company, then more power to you!!

If the ip coming at you were coming on port 80 several times, and you saw in a log that it was putting a nimda or code red scan, wouldn't you want to block out that bogus traffic so that you'd have more bandwidth available for YOUR intended perposes??

I would... and I do.. block ban kick. Its the admin's right!

FYI ..

the TWO ip addresses connecting to ONE shout stream can be easily accomplished with Winamp ...

CTRL+P
Options
select / deselect Allow Multiple Instances !!


When I wanted to play and try out somethings.. I've done this.. had one winamp trying to play, another trying to record or play another stream... interesting things.... all of it..

so.. one person could physically make TWO (or more) connections to the same stream with multiple instances of Winamp.

:igor:

Ok.. I read the whole thread.... here's the boil in bag synopsis
Maybe you read the whole thread but your Very Sided.

1) If a company doesn't have all the reverse look ups enabled, Tough. Not everyone follows every RCF, they are guidlines not Laws if you don' follow them you may call your self, netscape or Internet explorer. sure its Best to always follow them, but its not illegal.

2) an online server on the internet is open to all for what ever they want to do ! Only cases where something is illegal is if there is an attack aimed at bring the service down, or copywrited material is stolen. i have not hear of any servers being crashed, and they are allready streaming copywrited material.

3) again, your an internet server, open for all. you can ban who ever you want. block what ever ips you want, lock down your box, Dis able reverse look ups. the internet is a free for all law-less land. deal with it.

4)reverse look us are not a Law, International, or US. the only law that has been broken in all of this is the stations who broadcast copywrited material. If you are worried about a certain ip, block, or any other grouping, Learn how to Admin! block ips, run firewall software, learn hosts_Allow hosts_deny files in unix.

5) Relax, breath deep. no one has been sued, hurt, or otherwise messed with. Only a few paranoid folks have been scared ?!? might as well close the shades and lock the door, there is a whole world out there filled with people not like you. ;)

Initially I banned the ips in question here being swept up in 'panic mode' over RIAA spies or some such nonsense.
However, since my stream isn't always full, I unbanned them.

My general policy is to check the server connections once in awhile (fortunately my job allows me to do this).

IF I am full and see an ip with more than 1 connection, I kick the one with the shortest connect time. Repeatedly and/or short term ban if necessary. (attempting to write a tool that does this automagically)

If the connecting person is pissed off, I would hope they would shoot me an email from my website asking me what's up. Then I would be able to discuss my general policy with them and find a solution.

Is my general policy listed? No. Should I? Probably, but don't hold your breath.

I am ashamed at myself for panicking. My policy isn't your policy. I add 2 and 2 to get 4, you might add 1 and 3 to get 4.

Have a nice day.

If you do a Google search on +"Brian Shuster" +"global" you may begin to suspect why there are porno websites on nearby IP addresses. But that isn't the whole story.

See these weblinks provided by Google's search engine for some background material on Mr Shuster. There're others too.

http://www.business2.com/articles/mag/print/0,1643,9012,00.html

http://www.ftc.gov/os/2000/07/xpicscmp.htm

http://www.comicstrip.com/

http://www.webdevelopersgroup.com/portfolio/portfolio_p3.html

So what exactly is "Global Reach" trying to do by connecting to streams 24/7 ?

There are also some relevant search results if you do a Google search on +"ideaflood"

good luck
now to add something to the "bans" list ...

No doubt, if you had followed ethical business practices, you would have had better results.

Alot of these stations are supported by ads, and having a 'bot' listen to a stream voids our ad contracts, forcing us into violation of agreements. The music is meant to be heard, not a data stream for you to test your software with, that is your responsibility. What you are doing is in essence bandwidth theft, as you are not using the streams for their intended use.

If you had approached a few stations with your proposal and ideas, you may have found most to be accepting. Now you have alot of upset people on your hands, and it will no doubt damage your business.

W.

oh that Brian Shuster. Now that i know brian shuster is behind this, I figure I should unban him from my streams, after all, I, as well as many many others, did screw him out of a few thousand with xpics advertising (hidden frames, banner click bots) :DD .. My dad was kinda curious when the $600 checks would come in the mail from 'Xpics Publishing' , I had to trick him into thinking the X was a variable, like in algebra, and that Xpics Publishing was a 'for-hire' publisher or something.. ahhh... the good ole days


//paul

To all who are concerned and/or internested.

I've compiled a complete list of IPs, according to Procrastinator post from 19-5-2002 which BANS all IPs ranging 66.28.0.0 - 66.28.255.255 -> TWO ENTIRE SUBNET MASKS.

You can simply paste and copy them to your ..\sc_serv.ban file (or whatever name you gave it) and edit out the ones you think are fit to unban.
One thing though for the newbies - if you have taken the entire list from here, make sure that you have also pointed out in your ..\sc_serv.ini the correct name for the sc_serv.ban file.

If anyone is interested the list is here (I hope this i'm not flooding the thread) :

66.28.255.0;0;Manual Add
66.28.254.0;0;Manual Add
66.28.253.0;0;Manual Add
66.28.252.0;0;Manual Add
66.28.251.0;0;Manual Add
66.28.250.0;0;Manual Add
66.28.249.0;0;Manual Add
66.28.248.0;0;Manual Add
66.28.247.0;0;Manual Add
66.28.246.0;0;Manual Add
66.28.245.0;0;Manual Add
66.28.244.0;0;Manual Add
66.28.243.0;0;Manual Add
66.28.242.0;0;Manual Add
66.28.241.0;0;Manual Add
66.28.240.0;0;Manual Add
66.28.239.0;0;Manual Add
66.28.238.0;0;Manual Add
66.28.237.0;0;Manual Add
66.28.236.0;0;Manual Add
66.28.235.0;0;Manual Add
66.28.234.0;0;Manual Add
66.28.233.0;0;Manual Add
66.28.232.0;0;Manual Add
66.28.231.0;0;Manual Add
66.28.230.0;0;Manual Add
66.28.229.0;0;Manual Add
66.28.228.0;0;Manual Add
66.28.227.0;0;Manual Add
66.28.226.0;0;Manual Add
66.28.225.0;0;Manual Add
66.28.224.0;0;Manual Add
66.28.223.0;0;Manual Add
66.28.222.0;0;Manual Add
66.28.221.0;0;Manual Add
66.28.220.0;0;Manual Add
66.28.219.0;0;Manual Add
66.28.218.0;0;Manual Add
66.28.217.0;0;Manual Add
66.28.216.0;0;Manual Add
66.28.215.0;0;Manual Add
66.28.214.0;0;Manual Add
66.28.213.0;0;Manual Add
66.28.212.0;0;Manual Add
66.28.211.0;0;Manual Add
66.28.210.0;0;Manual Add
66.28.209.0;0;Manual Add
66.28.208.0;0;Manual Add
66.28.207.0;0;Manual Add
66.28.206.0;0;Manual Add
66.28.205.0;0;Manual Add
66.28.204.0;0;Manual Add
66.28.203.0;0;Manual Add
66.28.202.0;0;Manual Add
68.28.201.0;0;Manual Add
66.28.200.0;0;Manual Add
66.28.199.0;0;Manual Add
66.28.198.0;0;Manual Add
66.28.197.0;0;Manual Add
66.28.196.0;0;Manual Add
66.28.195.0;0;Manual Add
66.28.194.0;0;Manual Add
66.28.193.0;0;Manual Add
66.28.192.0;0;Manual Add
66.28.191.0;0;Manual Add
66.28.190.0;0;Manual Add
66.28.189.0;0;Manual Add
66.28.188.0;0;Manual Add
66.28.187.0;0;Manual Add
66.28.186.0;0;Manual Add
66.28.185.0;0;Manual Add
66.28.184.0;0;Manual Add
66.28.183.0;0;Manual Add
66.28.182.0;0;Manual Add
66.28.181.0;0;Manual Add
66.28.180.0;0;Manual Add
66.28.179.0;0;Manual Add
66.28.178.0;0;Manual Add
66.28.177.0;0;Manual Add
66.28.176.0;0;Manual Add
66.28.175.0;0;Manual Add
66.28.174.0;0;Manual Add
66.28.173.0;0;Manual Add
66.28.172.0;0;Manual Add
66.28.171.0;0;Manual Add
66.28.170.0;0;Manual Add
66.28.169.0;0;Manual Add
66.28.168.0;0;Manual Add
66.28.167.0;0;Manual Add
66.28.166.0;0;Manual Add
66.28.165.0;0;Manual Add
66.28.164.0;0;Manual Add
66.28.163.0;0;Manual Add
66.28.162.0;0;Manual Add
66.28.161.0;0;Manual Add
66.28.160.0;0;Manual Add
66.28.159.0;0;Manual Add
66.28.158.0;0;Manual Add
66.28.157.0;0;Manual Add
66.28.156.0;0;Manual Add
66.28.155.0;0;Manual Add
66.28.154.0;0;Manual Add
66.28.154.0;0;Manual Add
66.28.153.0;0;Manual Add
66.28.153.0;0;Manual Add
66.28.152.0;0;Manual Add
66.28.151.0;0;Manual Add
66.28.150.0;0;Manual Add
66.28.149.0;0;Manual Add
66.28.148.0;0;Manual Add
66.28.147.0;0;Manual Add
66.28.146.0;0;Manual Add
66.28.145.0;0;Manual Add
66.28.144.0;0;Manual Add
66.28.143.0;0;Manual Add
66.28.142.0;0;Manual Add
66.28.141.0;0;Manual Add
66.28.140.0;0;Manual Add
66.28.139.0;0;Manual Add
66.28.138.0;0;Manual Add
66.28.137.0;0;Manual Add
66.28.136.0;0;Manual Add
66.28.135.0;0;Manual Add
66.28.134.0;0;Manual Add
66.28.133.0;0;Manual Add
66.28.132.0;0;Manual Add
66.28.131.0;0;Manual Add
66.28.130.0;0;Manual Add
66.28.129.0;0;Manual Add
66.28.128.0;0;Manual Add
66.28.127.0;0;Manual Add
66.28.126.0;0;Manual Add
66.28.125.0;0;Manual Add
66.28.124.0;0;Manual Add
66.28.123.0;0;Manual Add
66.28.122.0;0;Manual Add
66.28.121.0;0;Manual Add
66.28.120.0;0;Manual Add
66.28.119.0;0;Manual Add
66.28.118.0;0;Manual Add
66.28.117.0;0;Manual Add
66.28.116.0;0;Manual Add
66.28.115.0;0;Manual Add
66.28.114.0;0;Manual Add
66.28.113.0;0;Manual Add
66.28.112.0;0;Manual Add
66.28.111.0;0;Manual Add
66.28.110.0;0;Manual Add
66.28.109.0;0;Manual Add
66.28.108.0;0;Manual Add
66.28.107.0;0;Manual Add
66.28.106.0;0;Manual Add
66.28.105.0;0;Manual Add
66.28.104.0;0;Manual Add
66.28.104.0;0;Manual Add
66.28.103.0;0;Manual Add
66.28.102.0;0;Manual Add
68.28.101.0;0;Manual Add
66.28.100.0;0;Manual Add
66.28.99.0;0;Manual Add
66.28.98.0;0;Manual Add
66.28.97.0;0;Manual Add
66.28.96.0;0;Manual Add
66.28.95.0;0;Manual Add
66.28.94.0;0;Manual Add
66.28.93.0;0;Manual Add
66.28.92.0;0;Manual Add
66.28.91.0;0;Manual Add
66.28.90.0;0;Manual Add
66.28.89.0;0;Manual Add
66.28.88.0;0;Manual Add
66.28.87.0;0;Manual Add
66.28.86.0;0;Manual Add
66.28.85.0;0;Manual Add
66.28.84.0;0;Manual Add
66.28.83.0;0;Manual Add
66.28.82.0;0;Manual Add
66.28.81.0;0;Manual Add
66.28.80.0;0;Manual Add
66.28.79.0;0;Manual Add
66.28.78.0;0;Manual Add
66.28.77.0;0;Manual Add
66.28.76.0;0;Manual Add
66.28.75.0;0;Manual Add
66.28.74.0;0;Manual Add
66.28.73.0;0;Manual Add
66.28.72.0;0;Manual Add
66.28.71.0;0;Manual Add
66.28.70.0;0;Manual Add
66.28.69.0;0;Manual Add
66.28.68.0;0;Manual Add
66.28.67.0;0;Manual Add
66.28.66.0;0;Manual Add
66.28.65.0;0;Manual Add
66.28.64.0;0;Manual Add
66.28.63.0;0;Manual Add
66.28.62.0;0;Manual Add
66.28.61.0;0;Manual Add
66.28.60.0;0;Manual Add
66.28.59.0;0;Manual Add
66.28.58.0;0;Manual Add
66.28.57.0;0;Manual Add
66.28.56.0;0;Manual Add
66.28.55.0;0;Manual Add
66.28.54.0;0;Manual Add
66.28.54.0;0;Manual Add
66.28.53.0;0;Manual Add
66.28.53.0;0;Manual Add
66.28.52.0;0;Manual Add
66.28.51.0;0;Manual Add
66.28.50.0;0;Manual Add
66.28.49.0;0;Manual Add
66.28.48.0;0;Manual Add
66.28.47.0;0;Manual Add
66.28.46.0;0;Manual Add
66.28.45.0;0;Manual Add
66.28.44.0;0;Manual Add
66.28.43.0;0;Manual Add
66.28.42.0;0;Manual Add
66.28.41.0;0;Manual Add
66.28.40.0;0;Manual Add
66.28.39.0;0;Manual Add
66.28.38.0;0;Manual Add
66.28.37.0;0;Manual Add
66.28.36.0;0;Manual Add
66.28.35.0;0;Manual Add
66.28.34.0;0;Manual Add
66.28.33.0;0;Manual Add
66.28.32.0;0;Manual Add
66.28.31.0;0;Manual Add
66.28.30.0;0;Manual Add
66.28.29.0;0;Manual Add
66.28.28.0;0;Manual Add
66.28.27.0;0;Manual Add
66.28.26.0;0;Manual Add
66.28.25.0;0;Manual Add
66.28.24.0;0;Manual Add
66.28.23.0;0;Manual Add
66.28.22.0;0;Manual Add
66.28.21.0;0;Manual Add
66.28.20.0;0;Manual Add
66.28.19.0;0;Manual Add
66.28.18.0;0;Manual Add
66.28.17.0;0;Manual Add
66.28.16.0;0;Manual Add
66.28.15.0;0;Manual Add
66.28.14.0;0;Manual Add
66.28.13.0;0;Manual Add
66.28.12.0;0;Manual Add
66.28.11.0;0;Manual Add
66.28.10.0;0;Manual Add
66.28.9.0;0;Manual Add
66.28.8.0;0;Manual Add
66.28.7.0;0;Manual Add
66.28.6.0;0;Manual Add
66.28.5.0;0;Manual Add
66.28.4.0;0;Manual Add
66.28.3.0;0;Manual Add
66.28.2.0;0;Manual Add
68.28.1.0;0;Manual Add
66.28.0.0;0;Manual Add

I wish to thank you guys at this stand for all your help through the threads.

I also noticed this adress:

<06/06/02@09:08:43> [dest: 66.28.153.46] starting stream (UID: 127)[L: 2]{A: WinampMPEG/2.7}(P: 1)

listening for many hours.

I think that's a regular listener, since we are a swiss radio station broadcasting from geneva.

Bob
M24 FM
http://radio.m24.fm

Ok, I will admit, for a few weeks here, I thought that I had a loyal listener. Appears that I have been duped. After reading all of these posts, I have come to the realization, that this set of ip's acts in a very suspicious manner. The same ip's, showing up on everyones stations? Just a loyal listener? On all stations? Oh yeah, right.

IceRegent

Well, this is terrifying.

taken from a piece at: http://www.business2.com/articles/mag/0,1640,9012%7C3,FF.html

It could be argued that Shuster did nothing wrong here, that he was merely pioneering a new industry with an infrastructure that wasn't ready -- and that is, not surprisingly, precisely what he argues. He may be technically right, but such an argument is of a piece with Shuster's M.O. -- which former employees characterize as a tendency to do the bare minimum necessary to stay just on the right side of the law. As Ford Johnson, who served as a vice president for WebJump, another Shuster company, puts it, "Brian was a brilliant cash flow manager, but he had no filter saying, 'This isn't right, fair, ethical.' "

Originally posted by iceregent
Ok, I will admit, for a few weeks here, I thought that I had a loyal listener. Appears that I have been duped. After reading all of these posts, I have come to the realization, that this set of ip's acts in a very suspicious manner. The same ip's, showing up on everyones stations? Just a loyal listener? On all stations? Oh yeah, right.

IceRegent

I see these IPs during US business hours almost every day. ARIN whois doesn't tell me anything useful. It seems like they are comming from the networks mentioned earlier.

66.28.176.253 4h 16m 50s 0 Kick Ban Ban Reserve
66.28.176.252 4h 16m 49s 0 Kick Ban Ban Reserve

These two IPs always come in pairs too.

and a traceroute output:

4 fe-1-0-0.stk10.ip.tiscali.net (213.200.72.5) 1.945 ms 2.249 ms 2.534 ms
5 so-6-0-0.cph20.ip.tiscali.net (213.200.81.37) 9.491 ms 9.906 ms 9.877 ms
6 so-2-0-0.cph10.ip.tiscali.net (213.200.81.34) 13.556 ms 12.992 ms 13.333 ms
7 so-5-0-0.ams20.ip.tiscali.net (213.200.81.41) 24.588 ms 24.632 ms 25.406 ms
8 so-0-3-0.was20.ip.tiscali.net (213.200.82.162) 116.806 ms 116.399 ms 116.488 ms
9 mae-east-atm-oc12.above.net (198.32.187.18) 118.793 ms 118.564 ms 118.316 ms
10 so-2-0-0.cr1.iad1.us.mfnx.net (208.185.0.138) 118.296 ms 119.276 ms 118.542 ms
11 pos2-0.mpr1.iad5.us.mfnx.net (216.200.127.10) 118.471 ms 119.481 ms 118.273 ms
12 64.124.112.29.cogentco.com (64.124.112.29) 118.558 ms 118.933 ms 119.683 ms
13 p15-0.core02.dca01.atlas.cogentco.com (66.28.4.22) 119.477 ms 119.515 ms 121.218 ms
14 p6-0.core01.jfk02.atlas.cogentco.com (66.28.4.82) 124.837 ms 124.75 ms 124.458 ms
15 p5-0.core01.bos01.atlas.cogentco.com (66.28.4.117) 129.583 ms 129.436 ms 130.165 ms
16 g8.ba21.b006523-1.bos01.atlas.cogentco.com (66.28.65.74) 131.219 ms 129.588 ms 129.893 ms
17 SwiftWill.demarc.cogentco.com (66.28.21.50) 131.192 ms 129.873 ms 130.124 ms
18 66.28.176.253 (66.28.176.253) 131.007 ms 131.467 ms 129.786 ms

It doesn't tell me anything either.

Anyone have more info on these two IPs?

//Oscar

I havent had these people listening to my streams before but I added them to my list. If they really are testing software they shouldnt waste all of our bandwith. They should just run relay servers in their office. That would be more logical. And if the sites are porn sites then they probably are hiding something & should be blocked. Why would porn sites want to connect to our streams? I know some of u think its paranoid but it could be the music industry trying to kill our servers. Its just a thought though. :blah: