Joseph Miller wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Exon,
Would you happen to have that script available? If many people had access to
this script it could possibly cause DDoS and severely limit spammers. I
would, of course, not necessarily recommend this particular action because of
the legal implications, so I must say, "We could use this as a possible
threat to illegal spammers". Thanks for the info.
No, but the gist of it was something like this
john --incremental --stdout | while read foo; do wget
nastyurl\?email=$foo@microsoft.com -o /dev/null; done
I added some perl to read 100 lines and spawn 100 wgets at the time (the
server seemed to block if I tried to do more at a time).
Not that I actually used @microsoft.com or anything. Well. Not that I
officially admit it anyway.
Anyways. I've unsubscribed this list now (too much line-noise), so Cc:
exon@home.se if you want replies to reach me.
Cheers.
- -Joseph
On Thursday 16 December 2004 11:47 am, exon wrote:
Ian wrote:
On 14 Dec 2004 at 13:43, Adam Tuliper wrote:
<snip>
Personally, I like stringing them on and giving them false information
and wasting their time. Its fun, I recommend all of you try it : )
You make have stumbled across a solution
here ;)
Why not code an automated system that fills
in their bogus log in screens with false
information?
There are only a limited number of banking
web sites around so a template could be
created for each.
If enough people join in these phishers
would get swamped with information and
wouldn't know the good from the bad.
Thoughts ?
This is known to be effective against spammers which use href-links in
email to verify 'live' email-addresses. It's usually highly effective if
you find something that looks like
www.some-site.com/remove_me.asp?m=email@somewhere.org
I used to get around 400 spam emails a day, so I wrote a quick script to
connect to a couple of these urls a couple of million times with
auto-generated email-addresses. Sometime during the second night of
running I kept getting connection refused and spam dropped down to
around 40 / day.
Another anti-mischief act was when some organisation (can't remember
which) found out the IRL address of a spammer who had used their
mail-server and signed him up for every free hard-copy snailmail ads and
catalogues they could find. As it turned out, the spammer received some
four tons of advertising papers and leaflets through his mailbox in a
week, effectively causing a DoS on his own apartment. Retaliation can be
so fun. ;)
/exon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBxtj4mXZROF+EADURAvNeAJ9oWsMhp3sep2nPSRNeJ3meaT7sEgCghoTH
0yrvOqZjlb8SfrDyf7yc75c=
=JwXW
-----END PGP SIGNATURE-----
