[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Novel use of Usenet and remailers to mailbomb from [email protected]



-----BEGIN PGP SIGNED MESSAGE-----

Somebody, too clever for their own good by half, has come up with a
novel way of using Usenet and anonymous remailers to perpetrate
mailbombs.  The M.O. is to post a message to the naked-lady newsgroups
saying "get pics in your mailbox! send this message to this address!),
giving the email address of a cypherpunk-style anonymous remailer and
including a pgp-encrypted message block.

Thousands of horny net geeks will send in the message; some of them 
will even follow instructions correctly so the remailer forwards the
message to its intended target.  The result is that the target will
be mailbombed -- and the remailer operator can't stop the abuse by
blocking the abuser's address, because it's coming from all over the
net.  

There is *no* chance that this is legitimate.  The remailer discards the
original message header.  There is no way for the recipient to know who
sent the email message.

Cypherpunks:  is there any way to respond to, or prevent, this sort of
attack short of actually shutting down the remailer?  

What comes to my mind is the remailer operator grepping for a character
string of ASCII-armored cyphertext from the known attack message and
throwing messages containing it into the bit-bucket.  It is highly
unlikely that this would appear in any message except the attack
message.  The problem with this is that it works only for a known attack
message -- it can shut down an ongoing attack, but it can't prevent new
ones.

I am including the widely-crossposted attack message below, including headers.

   Alan Bostick             | He played the king as if afraid someone else 
Seeking opportunity to      | would play the ace.
develop multimedia content. |      John Mason Brown, drama critic
Finger [email protected] for more info and PGP public key

> Xref: netcom.com alt.sex:292849 alt.sex.wizards:44144 alt.sex.magazines:11634 alt.binaries.pictures.erotica:364153 alt.binaries.pictures.erotica.blondes:48686 alt.binaries.pictures.erotica.female:130066 alt.sex.movies:91249 alt.sex.pictures:98757
> Newsgroups: alt.sex,alt.sex.wizards,alt.sex.magazines,alt.binaries.pictures.erotica,alt.binaries.pictures.erotica.blondes,alt.binaries.pictures.erotica.female,alt.sex.movies,alt.sex.pictures
> Path: netcom.com!ix.netcom.com!howland.reston.ans.net!news.sprintlink.net!nuclear.microserve.net!luzskru.cpcnet.com!www-39-190
> From: [email protected] (luzskru)
> Subject: Get Penthouse and Playboy pics on your mail box!!
> Message-ID: <[email protected]>
> Date: Thu, 11 Jan 1996 18:10:37 GMT
> Organization: http://www.cpcnet.com/~luzskru/home.htm
> X-Newsreader: News Xpress Version 1.0 Beta #4
> Lines: 119
> 
> Follow these instructions.  
> 1) paste everything between the -------- into the body of your message. Be 
> sure to leave the first line blank and include everything including the ::
> 2) Send the message to [email protected]
> 3) as the subject, specify playboy or penthouse and the month.
> 4) if you don't get the file within a few hours, then send it again and be 
> sure that you didn't do something wrong.  Here is the message:
> 
> ---------------------------------------------------------
> 
> ::
> Encrypted: pgp
> 
> -----BEGIN PGP MESSAGE-----
> Version: 2.6.2i
> 
> hIwDuhnKCI5qH1EBBACCHVVFVfrX6fQ9QzUFVe8aCb+2g1M71Utg1ZJKGrq1S16v
> 0q/H8RvBa4bpg1RCx6IjhScaHqW66uubAUY1GOlzvWiMW4xw+3kEcO7lep8crvH0
> +/YXe6S2jlIUjMW7FncoFSrBIumrPXygkXHtkTjStvJiBdXyXlmgahyl9nlaNKYA
> ABGCfXDZs31NP39/YeJmyP7M+edjKsKpTs8A9tW58Fm45Nlr/wStSsRsteTy/lQu
> +O5Hft36bsci8B8Y4gsSLlZ71a1GLvBhSOx5qfXIOStAaLZobfbPYd+WWJMiIXcv
> dGhl6SOoyUo5xc6ty7/Z4/vvxtOtndJMz7acsEk2pFQX8WNpBZRg+WRBOlTAKPDW
> vQhnowKeIna8wq8FfOJFQzdM3uxgYBeoqRc6dRGlB8+V+aOicAtZHdRgTjH4hgAk
> QF8W1lXDYc6OJZn3cR4WcoCYQnrGYLyFCEF/eU4umrFaCjs2HAql/ygBoK1AAloi
> BE2HSeKI+gh6DXwbR3Ub9FWkMGr8t3S2AHe4FzbJlIrnJEvSQUcihro+aCG/wGr4
> 0KyvfZuuBgKX7XiSEnZeoO+UcF9yBlnvy7FhNT7skmjZ79JH0aCnSgSE0u9Ta/Dw
> WGQT8nIz7Ex7T4sObGtKgSk2Ari86a+qM4McTBpelKmXIQLoivyuEW1r0OsRUJdA
> 1iwk2ILNL2Sn6/cHQaZKnGCSasWqxlM3cDcfit6M2y/3Jryj4fh29B2rYY+A8fP1
> VU8uwFZ5whOBw7TcoS2dAoqOBOEYKz3pItCAxTMZ8UN1qu0EGXuBxSLLbNQtRShN
> oGddR2jlv43Js07rumdMGUazTiAUUY27Pb1w3V9dcvL3YALFjtEB2Keg9A4foyaf
> o1Krbxg/dMTVVcXuneP0ayhg3QGRlks5Gr+jGhTYUfrn9WetyI9nXeqzpvcwtXbc
> GkxHpQboQNeWiRkhkbmnBvbT/IseehBcC7NsyP9P6K/XxY02ebimFo51xpxM4Bsy
> MjMo1N/e9mvPuh1mzpbQwzuba9udM5Np2E9h7PKXO9F0PbMiLW1LMZ7lqfh4FHQO
> vhV/FwjkhTtCc/+T4ZNgpYcJ7PwM9s8JKxNWB73AFkTKBx4gQNDnhHNty77YunYU
> Rj8vUgiSRb+1hPejecxcfNAr5g3TAM/mJuVLg5njCkr3o2fuL4wGF5lz/GZ2l3sE
> sOs+BDQhZcefX4MOq7Ys60rAMvNizzQUo4H5aIdYzT4MYfw+4xPjOLcaHvzAYU7M
> WbeFoLdm7nC+//3ah5e1Bkk6POKUb6SnCJnUa/JyLV7+2PLo+YkwnokkSrB61bUf
> 7blbc91VSjaQ+wsUwBoVHu2RRg9QCtxTQKDilKG3oYISnnA1LaOhMfFVm1XKm7Oe
> 540eeJu7MGT+kLKjLe+UF1TDrZG7r9v/WK2SgTbliTvDzhj0dBhJ1MoDZxhx+h3m
> GM/kyqyV8YcTpBC8ePmzYE+j8gMTakihRslWPZn2SxT18leerbyMsyplyXdAowdW
> HXhTNuoolLJQPFpu9gK4kbr7U6KVdHPbUDDw+0km6pcJ8qWR4kCUD3Y8aMNfzggh
> VxuCqbdJdfYL8YzS3Z0PknzorgdvuWR/BXAkf/Jh9+zTNRgLu5TnueA6Ae68uIqp
> VDU0cetrD7ys5Wb+rq6Tg1WRgkpyg2iWdxdFpVb3w9zvdtV4MvfbVG8ckY1qYrAY
> wZgJOdWHtCW37UWXXgHWTrifsjNLeKVSSSrOIDzsxbI0wuwTadFRG/4Ci7A0K/C8
> 2lGs+gluHw6iTV0uSwxyZXr3JQR7R1VH4zb3sjDDd5X6YmR2OwThT934G49W4Afa
> 3F1gv4M5/9JVKTdRJGYPfYwDTbtfPHMWgj33rtsBbILBZ4HBJKoBDCygJfZzO6Jm
> fbUOqzB9+rPQLbD0DcxOoUyVtynWr9xG2M/WbvzjN+y28/YAQLrNvkppxA4psjNQ
> j/jS3od7HY1BWRvBGOgybrnovK9+ZbphLHHZzx+WcuG4ngtYriETlr5ZhlznT6Hv
> 5+vCJjIZHwp7x+sscxbYsSgyrtzi+nam1kiljLowN+avbaA/Xt3K7zymMAVbFq3T
> cM6Q4Gq07wAZkbmu69tCR41sdha7hWF9NM9DHAiOgdDknxljgKyHBcdKDOSsyzsU
> Ow9fdjMlna45i0AoZ4YsFfGC8SFhnMrLGAu1f6RVlWIpt/avWtEdJ3VYCe7ZwYw8
> wtKHLMS3pSVrMNx3OuiQFykMs/TpBOGIdtR1AWqSRroE/SlxRtJWQjNt1yX24plZ
> +MMASvIbi8wJPrxwCOiNI5EBg+3UFdcxnOvdt6Da0ElO22ucr9qiu2E246QCSyDT
> j9jWAyRdxlevI1+O1OPqMO6LOGHL9pLw6FdsEKmpT49kWXYCIrxvSO25sq1ilIaH
> 0IiTs0FkWUxMaiwS8owhX0KVNGPJgl0RdAzsTIMf28AjN16Ex1d/Z7tjUy3AKgxq
> 7t6yaaot9sCIV2u5JD4DPnhG9pQ0gVPUTHbs/ImNA634Q/QK+mJTcFI+yweIaLCP
> Rk5kECvk9UBS1wLUSy//EotQ7XMJOq0/Vadwh9vMGE36yJcgB9kUAAl7HMvxLZsC
> ZgOiMqSNr5O8H0ulj1hqqaklR8xj1Dln9AVWsrh3gJP7NUiMrh0jnTWaHKGATDZ1
> 5wWiRTB5YqteRn7TW1R6+v/u9SHVriiQIvoL0ZtnZZzgZAsaJcGThPgWuyciB7ff
> HIqsjtul3EFr9Fm2rhTiVAnW7E6HFq2buLrQixImImDyygtCI5/LXsQvsANVjg1m
> qMZdBdOkc6Da6w0BXIgb14T1+O0uxnxAAxCDp93xmv/tsthW2mtYhESECTV93ph1
> pk+JegBEN37ivX5054tIVJfD+aVkDXXnN2KM/GhqzOdGJEhZHcWFqQ7RNCiTk9n5
> T/hF1FNcrf1mBIuM8U+tpyslhU4tOuHj4MTrbNA+zVNUHI0yhekLW89WwoIsDGCV
> boA6B5qirvM+PZOniXyzFqUaEGGAEkIizt9UFvaJ50sn9OcVxTeirHQPrkjVPGWh
> MXk8eBNzDmnO+/kWFLc9oOLmUiOmQDhboOtiHYMEaGNRxWw4i82XJi1fULSuj0s5
> YjdSnH+He5oawpnnR3CzkVOrJkXxJTEaKUhe0i0lrkYi5YTnsCkpz/dHC4n6dEyT
> id1//eRfWqianNmyzbzkY89kUJu7XUn0iZPQhJgLCkx7JFLK2W/g4krgMkmQZc/L
> C0gxWH5ZCJvutuZrDtFXFk9z3oxSEDyaxqSjVn5lxjHc28jrHLLDC0FZWNklrOWl
> dK9Hjhh8aBWwsjcjKs71ibRs05Fmg6dxgR0K6UZm872WGgHUEwR1co4B9ArP1qVd
> U64v3Izm8ojVM4tgFx3z4QFyitoaNhkdlf+Q+rdUaIgoQHLl+9orISFZrItLwCKn
> gXtPrHwNRVcHs6hM9mxNjONufRhRMZUBpaeHhrNLMV9Coy9LROHFYbr0mT8+oyIh
> 7PrAlDQE6nuaC11NVlkh22bCRyR1ExsJSQrbrsvsFePm3JMxMEcVSXSyxNZqLTkA
> ueJtoW++RybT8VFe5w7DrPvKRVK5c23Ko081pBFfK2pWW5gYmnO61I1K+UOdZDET
> uvoXfPQ66aB4LsEo7iTwc7tcko2SMbjBgIp1rXKSCHpJkH1WBdKcALZnDTnvPwp2
> mjpQlfy/OvHssjE+dNiWobHE8ymSzw1sOMAWNlEUCWNw0mGicO2XsnuG9AcN35oX
> b5qpmqCNn83r9B5a+d5jKlJzHcIFSjHryrudHRgUY+VilxsoIzPKKpkhcqKrNA+N
> GAl/tWA+oYBp/vhRQv0bqxMIYBSdrUKN52SNPIXmnDzAociBobnpcnr8zXEk7ITo
> rQJObrYbMOh1meqDcNLt0+6gKhFwiGGQmuxAakR6NgfE9SKFciQXE1bDCF3/YaAA
> 5V8YKA4Oe1z4AA5eRQiWJ7A1FbfJtxcl2ABcseyx2zHCPZv0a2zulqgyThhdMLNa
> 6gbxg1nr2W6QlbYH43gU3eJrvunDBDTGpWBKwSBAnO15Pscia0CLWJ2P/j4hLyyU
> 1nnswmdGaxluv/sSwwAR8OEWfj/lkQXrm1RPKyoFTifeFitmIOGtal2T3pf/NuR3
> lXE1u+z3T0LZPrZ7n3/k4xyKaD2H5vhtV8Dj+UhHbyqlxYE+E0s1JGhhSE8rbydx
> +uFCk7MiQ4Y4QzUB+IomQDjK1U1FLKyTkFF6LihKXWbufvvDiGo8k61KsO5ebUAW
> gAV9t0wGBD5oQHBa+92qyrkmK/5QIzXbUSRUpHpmM4geP6wiS/wRock4DT5Y8RFE
> e8tlU365TbaYD+n1B87IZvggd6+i+tgszK6U7EslePOVOq+eJkgHtEHwqXMsC9BY
> +mMjGK9IgDSl8o3eYR2aCC2ZPRc7FXCvkQyGoBvmbjKZC30JwrfRSnbhz8JeLO/2
> 9yBHGS+YDmLkzV2yr8d8u5AD0NI3bhDYvH6T0P3PK6rV27ITi7Pp6rzWRJDag2MO
> cObv4YfGbopQ4j02NNy7KBq2xlcApPFvudCdHcVBdeKjaRBWvPei94Oy7/B8xazN
> jZDcMuOogNEaE+zGbjSlnhp4P1lHILY7NcgoFzgF9bhb46k6RZRXnt/mlzYpNMAw
> o3Ch6yJJNIQQx8c0Kka11ZPD4qVUCw8M85cFPVqhTOHQyao6q12exbT7WsZExzQn
> AnOjHffkChpECDyhGcFlRkS20t9kgTxoaD/1z22i8jFZOX3BoHaRSJM0FxC620JE
> cYxm7w3V1z9k1e4SfriI1rbLFZywYHyCglnV45pe4wkzRvw7OGdwtHYx56351m5j
> GX5Ls+J1KHrZQPH3Gb6iiZEXT/Hndhm/JRsQqxi6mgf3/zBwZyqnC8nenRjIwKhN
> x8eDG3jldBEFAjg1je4BQ1KoSKtqrRNPwg2FRW9D9ozGIxLn9cgjLyRWBwH3+J/P
> v6OLiqpcufeTr3nABb58y51qpiXT65lpFLnsw5Wj9vX2nkneDB88l54ZmrH6e6Z1
> pSloilRAhzdWoXksUCSdxNXL7cH0ps0yGF9GWmUP3BaFv0q2YuV4Cfq3RF6zXO4e
> /ANPVO3j/pl4rk8cmKOJHWPBMgV5pkdUt29I/dcCSI/z9yZlYJZ7PSac0Tn3kyg7
> 23/IYhTSPx4JIq+VqT4sgOIdPjxBpJqKX7BMGQqecynonS+isIwgbSP/J2cNUhp0
> 0N7VDfei4kVjU4sJaOdNi1zO4/nLk+rfZiyR1WP3o59b35JoKq3Vdln2Jubt7PMW
> B6Ilmu6xVZj2QfhL1zGvY2C55uBcuqiIpKvmdgR8WAsvmtSPxSLE2ScanXUD1At0
> 2ej4+gr7K16pWLwLIcQ40B4BurxsZI+80kfUnx/LZjRLzc9Cdtw6b1VVhPp3qn9g
> yv352SccnDbP3yzcprJuSWQbHd9BeGcoHJsy5rKtdS5LiAuRGZ02EJ3RAJAwUMwK
> k430fYjY3ZX6giwKkpHunB9z59PQiGtI8s4OA0sEK+MuHWp8htbBP5kJddsP4k1G
> VFUQDcvsvjWQoJnCVEbvE7kPYf00AeRLGm7vM7TQTdDkoRfCii35G5wYS1dVY3nc
> luEu3b8aNwjXwH9Bh0aLXQIQVjvdpvr0/zUJ5hAi/YyZnYVqIsWkbWo8/i8Pw9jb
> BdElQ9yU9RIYDPrqBSKi5gLoOts7YYnZbWLAKWylm5Hbn6imJ/qbhPi7Buy0h5dA
> S/68ux55oW7FXc+rEfpjf0zBsrvxmT0SDu40S3l25SMUEO4A8oCB2sJgXafWE2Ea
> RssohLtRar4x8VCFpcGPbNio2muTT9VwaQG9KHygOfH3i69VcuC6db18uah0b80O
> WrXMeqK5M88JwjfJKe36kqPvLZD5llPeM7Sqj0wxUaKmnPW6ClXHm+mYeP+21BIY
> AOtDh1Lxg3R+rob8J/OtA3U9TtHT4aSnafRNrxDT5sm3PKx8ajnR3fe0jLo4mgdi
> Z1sLLK1wh9j21R4hy6XvrIOFCDqpbSR6KDCerYJyo371kd1mkpJKwdlsBIl5G4bN
> Q6nbNKsVWpHTdF24zHNh+GZgiY4Q98HcSp2PeFa4vetVlYmV48Uf8tncEukox0pK
> XIpWrirDXI+90zyVAwhKtjbNlC2a
> =TKgw
> -----END PGP MESSAGE-----
> 
> ------------------------------------------------------------------------------
> Include everthing between the ------------------------------- and you will get
> the pictures in your mail box.
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMPayLeVevBgtmhnpAQGKxgL9H4WsKLnIJAXGm5s1XPwWkRKsTHj2Ewhm
sPVDYt697wflpqXy69oL4k8Jk/GUswuPcbO6/3zyeUGetm1hkVxrVCJSlW5sapQV
tIT2MSZi1uz3Wwfn52uajm0d7ebF9bx3
=yoZx
-----END PGP SIGNATURE-----