Author Topic: Spam Poison (Read 4655 times)

Killer360 · « **on:** April 05, 2007, 07:40:26 pm »

A neat website... very useful for websites and blogs. http://spampoison.com/

Quote

Fight Back Against Spammers
WWW Robots (also called wanderers, spiders, crawlers, or bots) are programs that crawl the Web continually retrieving linked pages. When a spammer's bot visits your website, blog, forum, etc, all pages and sites linked to it will be searched looking for email addresses.

Now you can fight back against their robots!

All you have to do is link to this page so that whenever a spammer's robot scans your page, it will be sucked into this one. To link to this page, just use this simple code:

Sidoh · « **Reply #1 on:** April 05, 2007, 08:28:01 pm »

This is a neat concept. It's usually referred to as a "honeypot," yes? I realize this takes the idea to a somewhat new level (I'd assume that bot programmers are intelligent enough to know when to stop recursing, though), but it seems like the same concept.

iago · « **Reply #2 on:** April 06, 2007, 12:42:04 pm »

It sounds more like a tarpit than a honeypot. Tarpits are meant to slow down attackers and honeypots are to detect them. But really, it's neither of them, it's just giving false information (email addresses) to spammers.

To me, the site looks more like a marketing site than a helpful site, and I think that's its downfall. On the left, it claims to protect "1,470,000 blogs and websites". If it's really that many, and spammers notice, I'm reasonably sure that they'll just block that site. By now, with over a million users (if that's true), it's probably already useless.

chuck · « **Reply #3 on:** April 06, 2007, 03:32:25 pm »

I coded a simple script like that along time ago. It basicly made addresses like jg897xf0wj67@gvetua8e.co.com, and with a little mod_rewrite, had infinite pages. (20 second delay was manually added though, to keep it from eating all the b/w)

iago · « **Reply #4 on:** April 06, 2007, 04:50:06 pm »

Quote from: chuck on April 06, 2007, 03:32:25 pm

I coded a simple script like that along time ago. It basicly made addresses like jg897xf0wj67@gvetua8e.co.com, and with a little mod_rewrite, had infinite pages. (20 second delay was manually added though, to keep it from eating all the b/w)

It would be more entertaining to actually collect the spam, then scrape addresses from the spam emails or sites linked to be spam emails.

Joe · « **Reply #5 on:** April 06, 2007, 07:02:37 pm »

Sidoh · « **Reply #6 on:** April 07, 2007, 01:08:37 pm »

Quote from: iago on April 06, 2007, 12:42:04 pm

It sounds more like a tarpit than a honeypot. Tarpits are meant to slow down attackers and honeypots are to detect them. But really, it's neither of them, it's just giving false information (email addresses) to spammers.

I was under the impression that providing fake email addresses (etc) was what a honeypot did. I heard the term when I was talking with my friend (who's also really interested in network security) and the network security professor at my university and they used the term. I asked what it was, and that's the rough definition the gave to me. I didn't ask anything further because I didn't find it very interesting, but meh.

iago · « **Reply #7 on:** April 07, 2007, 01:23:54 pm »

Quote from: Sidoh on April 07, 2007, 01:08:37 pm

Quote from: iago on April 06, 2007, 12:42:04 pm
It sounds more like a tarpit than a honeypot. Tarpits are meant to slow down attackers and honeypots are to detect them. But really, it's neither of them, it's just giving false information (email addresses) to spammers.

I was under the impression that providing fake email addresses (etc) was what a honeypot did. I heard the term when I was talking with my friend (who's also really interested in network security) and the network security professor at my university and they used the term. I asked what it was, and that's the rough definition the gave to me. I didn't ask anything further because I didn't find it very interesting, but meh.

A honeypot is a security program/sensor that detects any kind of attacks directed at it. In some cases, it feigns vulnerabilities/os to trick the remote attacker/program into thinking its vulnerable. Depending on the honeypot, anything can be detected: worms, viruses, spam, attacks, etc., and it can be used for protection, study, trending, etc.

In the context of spam, a honeypot would be a site that gives fake, monitored email addresses. Spam arriving at those addresses is cataloged or studied or something. That may very well be what your friend was talking about.

A tar-pit is a security program that tries to slow down attackers by responding slowly to attacks or wasting their time (network or CPU). If I recall correctly, the most common one, la brea, will negotiate the window size (the amount of data that can be sent without acknowledgment) lower and lower, until the connection is nothing but a series of acknowledgments. Or something similar. I'm not sure whether or not providing fake email addresses that go nowhere could be considered a type of tarpit, though.

Honeypots and Tarpits are both interesting, though. I say you're crazy!

Sidoh · « **Reply #8 on:** April 07, 2007, 01:52:54 pm »

Sort of interesting, but I can think of dozens of other areas in computer science that interest me more. Computer/network security is interesting to me, but not nearly as much as, say, computer vision/pattern recognition.

Clan x86

News:

Author Topic: Spam Poison (Read 4655 times)

Killer360

Spam Poison

Sidoh

Re: Spam Poison

iago

Re: Spam Poison

chuck

Re: Spam Poison

iago

Re: Spam Poison

Joe

Re: Spam Poison

Sidoh

Re: Spam Poison

iago

Re: Spam Poison

Sidoh

Re: Spam Poison