l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2006 Sep 14 05:31

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] spam current events
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] spam current events



On Tue, Sep 12, 2006 at 09:34:15PM -0400, Peter Jay Salzman wrote:
> 
> good sleuth work.  from the ferocity of the number i've been getting, it
> seemed more like a virus than spam.  that spammer has some awesome
> connectivity.  i hope he gets shut down quickly.  they've definitely
> decreased, but i'm still getting multiple a day.

Rather, all of his zombied machines together have awesome connectivity.

I've been tracking attempts to abuse web-based contact forms on a server
that I'm now responsible for, rarely have I seen the same IP hit the
form more than once.   Probably because they're too busy abusing the 10^5
other insecure forms out there, or doing whatever other nasty tasks their
"owner" has rented them for.

(The form, BTW was exploited due to the fact that it allowed the
user-submitted From: field to contain a newline, thus prematurely breaking
the header portion of the generated e-mail.)

"SELECT staffEmail FROM Staff where id_staff=$_GET['staff']" wasn't too
smart either, although fortunately that little gem didn't get discovered.


-troy
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.