[Spambayes] Latest spammer trick stymied

Richard Jowsey richard at jowsey.com
Tue Apr 1 09:24:28 EST 2003

> Spammers might be simple folk, but serious crackers (not the script
> kiddies) certainly are not.  If there comes to be a widely deployed
> tool with this sort of fetch-what-I-tell-you-to behaviour, then it
> will get exploited by people wanting to do a denial of service
> attack or similar. 

There's literally dozens of DOS "attack tools" out there already.
They're unfortunately very easy to build. A determined site-slammer 
going to use quite different technology than my crawler, in any case,
e.g. http://grc.com/dos/grcdos.htm

What I've built is a simple url-slurper, which resides on a proxy
server (not deployed on desktops), and is only invoked under very
particular circumstances. The results are immediately incorporated
into the server's database, so that anyone else receiving that spam
benefits from the extra information. Under this kind of deployment
scenario, a spam site only needs to be crawled once. Then we've got
him nailed!  :)


More information about the Spambayes mailing list