[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Spam Update/Cyber Promo attacked



Rick Osborne <[email protected]> writes:

> >PHILADELPHIA, 5-7-97  Bulk e-mail giant Cyber Promotions is under attack by
> >"anti-spam" hackers. [...] Currently thousands of businesses with web pages
> >and mail box accounts are being denied service.
> 
> Hmmm... the whole reason they are trying to stop the arp-spam is because
> whoever is doing it is trying not to be found, right?  Well, what if
> someone (or a group of someones) were to set up a web page with a script
> behind it.  The page would simply ask "How many arps would you like to send
> CyberPromo?".  An anonymous web user then fills in the blank, hits SUBMIT,
> and the CGI does its thing.  Using this system, especially if it is not
> just coming from one page but from anyone who sets up the CGI on their
> system, CyberPromo really can't do anything about it, can they?
> providing the interface.
> 
> A perl script to connect directly to their SMTPd (no point in clogging
> yours by using sendmail) would be trivial.  If set up on a sufficient
> number of sites/pages (the form elements and script might take up a totalk
> of 2k, whoopee), this could be a sort of passive agressive way of getting bac
> _________ o s b o r n e @ g a t e w a y . g r u m m a n . c o m _________
> It's amazing how much 'mature wisdom' resembles being too tired.
> - Lazarus Long
> 

First of all, Wallace is a great guy and anyone who interferes with his
freedom of speech is scum on par with C2Net.

Second, if you run a cgi script in this manner, the pings are still coming
from the web server.  You want to ping from the client that the browser's on.

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps