[Spambayes] Latest spammer trick stymied

Chris Lowe spambayes_discussion at cklowe.com
Tue Apr 1 10:30:40 EST 2003


T. Alexander Popiel wrote:
> If there comes to be a widely deployed tool with this sort of
> fetch-what-I-tell-you-to behaviour, then it will get exploited
> by people wanting to do a denial of service attack or similar.

I'm not convinced by this.

In order to mount a good DOS attack, the attacker must effectively multiply
his bandwidth as much as possible, so his paltry broadband link can compete
with a well connected server farm.  The standard techniques are to use small
ping packets that require large, 64K responses, and to use zombies that make
continuous requests.

A URL sent in an email via SMTP represents a sizeable amount of data, and
unlike ping packets involves establishing a TCP link.

Only a fraction of the recipients will follow the URL.

Bandwidth-consuming images are not going to be downloaded by the crawler,
just text.

So I don't believe an attacker will consider spamming URLs to millions of
recipients an effective way to use his bandwidth to eat up the target's
bandwidth.

Cheers,

Chris.




