17.400 anti-spamming measures

From: Humanist Discussion Group (by way of Willard McCarty willard.mccarty@kcl.ac.uk)
Date: Sat Nov 15 2003 - 02:32:01 EST

  • Next message: Humanist Discussion Group (by way of Willard McCarty

                   Humanist Discussion Group, Vol. 17, No. 400.
           Centre for Computing in the Humanities, King's College London
                       www.kcl.ac.uk/humanities/cch/humanist/
                            www.princeton.edu/humanist/
                         Submit to: humanist@princeton.edu

             Date: Sat, 15 Nov 2003 07:23:32 +0000
             From: robert delius royar <r.royar@morehead-st.edu>
             Subject: Re: 17.397 anti-spamming measures

    On Fri, 14 Nov 2003 about 09:02 -0000 UTC Humanist Discussion Group (by way...:

    > Date: Fri, 14 Nov 2003 08:44:52 +0000
    > From: Willard McCarty <willard.mccarty@kcl.ac.uk>
    > >
    > An apparently clever scheme for subverting spamming can be found at
    > http://www.hostedscripts.com/scripts/antispam.html. All it requires is a
    > link to the page from your own. Comments? Do we have evidence that this
    > sort of thing works?
    >
    > Yours,
    > WM

    It is generally considered a bad thing to invent "nonsense" domain names to
    discourage spam. There is no assurance that those names will continue to be
    nonsense in all future name spaces, and in other cases they may be meningful
    in existing languages. That said, I have found the technique of WebPoison
    to be useful. It automatically generates addresses from the link scanner's
    own IP number or uses the localhost IP 127.0.0.1. At least then, the only
    machine damaged will be the scanner's. I also use a similar technique to
    redirect scans for potentially damaging web-server bugs (CodeRed, Nimda,
    formmail, &c.) by redirecting requests to those programs back to the host.
    Under certain circumstances of a compromised MS-IIS server, the redirection
    may lead that server (the one running the scan) to shut itself down--or at
    least that is what I have read. There used to be (and may still be) a site
    on the web designed to handle these redirections by scanning the computer
    that originated the scan, then exploiting the worm code that has infected it
    to instruct the machine to turn itself off (or in the least, to HALT). 

    --
Dr. Robert Delius Royar <r.royar@morehead-st.edu>
Associate Professor of English, Morehead State University

    This archive was generated by hypermail 2b30 : Sat Nov 15 2003 - 02:39:44 EST