Slashdot Mirror

The ip would get found some of the larger sites like http://www.projecthoneypot.org... in the wild.
An internet provider could then suggest an AV scan of that accounts connected "computers".

http://www.projecthoneypot.org...

Not even close to accurate.
Here is honeypot, who has been fairly accurate.
Here is Spamhous, which is so-so on stats, but better than many of the security shops.

...what you may have to deal with.... This forum board has been closed for quite some time and still I get tons of registrations....
http://abstractionphysics.net/phpBB2/

Maybe consider contributing to a honeypot should you chose to pursue a forum. https://www.projecthoneypot.org/

I've been using Cloudflare for my DNS hosting since the beta days and they are an outstanding group of individuals. Their free DNS hosting is top-notch, with no pressure to upgrade to the paid option. They are some of the same people behind Project Honeypot. It's good to see firms like Cloudflare stand up and be counted when free and open access to information is threatened.

I think we will see the "increase the cost of attack" model be one of two solutions going forward. It will work well for highly organized organizations as well as small individuals. However, a large portion of the entire population will not take the necessary steps and will still be "low cost to attack" ultimately succeptable to anonymous-type attacks.

The second 'solution' will be a more active defense. Right now, people attack computers because the chance an unsuccessful attack will have a negative impact on them is basically zero. And the impact of a successful attack is much more likely to be positive (for the attacker) than negative. This also makes it very easy to practice attacking, particularly for people in other countries without the laws or will to deal with it. What we need is an active approach to our defenses. If you catch someone attacking, profile them and deny them access to services, wall them off to only access useless data, and deny them attack opportunities the next time they come knocking. This could be done by major organizations for themselves. Also, companies like Google or ISPs could provide this service for all hosts within their sphere of control. Some parts of it could even be automated and placed on servers and network gateways, (similiar to project honey pot or bad behavior.)

China isn't even on the list for the last 30 days:

#1 India (18.3%)
#2 Brazil (9.5%)
#3 Russia (7.0%)
#4 Ukraine (5.1%)
#5 Vietnam (3.9%)
#6 Italy (3.3%)
#7 Germany (3.1%)
#8 Thailand (2.8%)
#9 Kazakhstan (2.5%)
#10 Romania (2.5%)
#11 Colombia (2.5%)
#12 Argentina (2.3%)
#13 Indonesia (2.3%)
#14 South Korea (2.2%)
#15 Taiwan (2.0%)
#16 United States (1.9%)
#17 Great Britain (1.9%)
#18 Poland (1.8%)
#19 Morocco (1.7%)
#20 Pakistan (1.6%)
#21 Peru (1.5%)
#22 Spain (1.4%)
#23 Israel (1.4%)
#24 Saudi Arabia (1.4%)
#25 Chile (1.3%)

Source. (Click "top 25", then select "last 30 days".)

For all time, the top 5 are:
#1 China (10.1%)
#2 Brazil (8.9%)
#3 United States (7.4%)
#4 Germany (6.5%)
#5 Russia (6.0%)

ICQ is used in FSU via a convenient client "Qip" http://qip.ru/ Almost nobody is using an original ICQ client.

I think the US and RF governments should fight cyber-crime together.

Businesses in the FSU usually have a low profit margin. At the same time, the USA is one of the top spam generating countries http://www.projecthoneypot.org/spam_server_top_countries.php

Spam kills our businesses in FSU because colleagues spend a lot of working time on dealing with it. Spam filters do not help anymore. This is an area where the RF government should be interested in cooperation with the US authorities to reduce the amount of spam incoming into our businesses. Without an international effort this problem can not be solved.

I guess there could be criminals who may use ICQ, but I know for sure that there are criminals who flood our servers with spam. Significant part of this spam has the US origin. So there is a vast field for law enforcement agencies to cooperate.

For example, a mobile police team from Russia could bust a spam kings, say, in Alabama, destroy spam servers and go home in Russia. It is much harder task to do for local cops. And vice-versa. A team of the US police officers could bust, say, a soft pirates' sweetshop somewhere in Siberia and go home after destroying the illegal production and equipment. Again it is not an easy task for local police to come and destroy a business, even an illegal one.

Nowadays when we are in one and the same network it would be more productive to cooperate than to confront.

If you're not using the space, how about setting up a honeypot there to help make the world a better place?

Http:BL is a system that allows website administrators to take advantage of the data generated by Project Honey Pot in order to keep suspicious and malicious web robots off their sites. Project Honey Pot tracks harvesters, comment spammers, and other suspicious visitors to websites. Http:BL makes this data available to any member of Project Honey Pot in an easy and efficient way.

There are plugins for WordPress, phpBB, and many others. Use http://www.projecthoneypot.org?rf=32167 if you want to give me some credit when you register. Or not, whatever.

Http:BL is a system that allows website administrators to take advantage of the data generated by Project Honey Pot in order to keep suspicious and malicious web robots off their sites. Project Honey Pot tracks harvesters, comment spammers, and other suspicious visitors to websites. Http:BL makes this data available to any member of Project Honey Pot in an easy and efficient way.

There are plugins for WordPress, phpBB, and many others. Use http://www.projecthoneypot.org?rf=32167 if you want to give me some credit when you register. Or not, whatever.

(No financial incentive for referral, I'm just a stats junkie)
Project Honey Pot is a collaborative project that you can install to a web server or just stick some links into web pages, like:

Yummy Email Addresses! - They include examples to try to keep it hidden from regular users (like setting display:none).

A web bot would parse it and find a bunch of hoax email addresses (check the source and scroll to the end of the code) that, when emails are sent to them, are collected in the "project." You can also donate MXs (e.g. mail2.yourdomain.com) to give them a wider spectrum of emails to play with.

They filed a lawsuit recently and the info also goes toward a publicly available database. Interesting stuff. I joined a couple of weeks ago and my stats are already building.

The relevant thing here is that they're including forms now to catch comment spammers, not just email addresses.

Right after the OCR talk started to lead them (antispam people) in some common/working solutions, Spammers begun to use anti-OCR systems. I made a friend working at a big newspaper to test the anti OCR measures via some very expensive professional OCR software, he said it failed to read anything meaningful.

That was the day OCR as antispam became real irrelevant for me. They also figured resolution filters are coming, they immediately started to randomise gif resolutions by 1-5 pixels. There goes that method too.

About the images? I bet there are millions of "fw:fw:fw:look, funny!!!!!" messages around just having a single image. Yes, even at flickr/imageshack ages. They now drag Flickr images to mail window and send it like that.

For some people, they are "messages from their friends" and they will go nuts if they figure out that actual junk was filtered as spam. Of course, lets not go too harsh, there could be people trading family photos like that and that 12 kb jpeg becomes really precious.

I suggest the long term but real solutions: http://www.spamcop.net/ (for mail) and http://www.projecthoneypot.org/ (for web/blogs) . I even started to CC: my Microsoft Pirated software spam to piracy@Microsoft, let the evil care about evil.

I suggest you to have a look at the site Project Honey Pot (http://www.projecthoneypot.org/index.php), also discussed in a previous Slashdot post 'http://it.slashdot.org/article.pl?sid=05/01/14/20 30202'. It looks great! ISPs should install this in their sites, which should solve the problem quite simply. That's it!

WTF is going on? I'd be very interested to know just exactly what is happening here.

On the one hand we have a Gov't scheme funding a private company - not only to enforce the law, but also one passed specifically to give UnSpam the right to collect ongoing revenues. In my eyes, this is a government sponsored monopoly - ergo a BAD thing.

Then again, the scheme has failed to give the Gov't the profits they had hoped for. As you shouldn't pass laws simply to generate revenue (unless you are at least honest and call it "Taxation"), I feel halfway between "Tough shit, guys", and "You should get your asses kicked out of office".

HOWEVER, what _REALLY_ is peaking my interest is UnSpam Technologies, Inc. This, dear Readers, is the same outfit you read about 2 weeks ago on this illustrious rag, about the impending court action.

So, the questions I pose are:

1. Do we THANK Utah for funding our fight, even though it cost them tax-payers money?
2. If UnSpam actially _WIN_ $1B+ from Honeypot, who gets the money? UnSpam, Utah, or Ourselves?
3. or, do we condemn both UnSpam and the Utah politicians?

From the lawsuit mini-faq:

What happens to any money you win in the lawsuit?
        We're a long way from that, but we'd like to help out the people who have helped us. Obviously a large chunk would go to paying legal fees. Intriguingly, though, since we will know what Project Honey Pot members provided the data that ends up winning the case, maybe we'll be able to send them a little bonus. :-)

I've been running a few of their honeypots for the past two years, so hopefully one of the spammers I "caught" will wind up paying a big time settlement. Sure, it's a pipe dream, but it's my pipe dream.

Or what about a link to the Project Honey Pot page that explains the lawsuit and contains a link to that Washington Post article?

I signed up at http://www.projecthoneypot.org/ for a similar type of aservice last year. This one is a distributed system for identifying spammers and the spambots they use to scrape addresses from your website.

This one shows Harvester Visits to Your Site(s), email Addresses Issued on Your Site(s), Spam Received at Your Addresses, and global statistics. They also show an ip list from harversters and track it.

Project Honey Pot has a good tutorial on how to avoid spambots: http://www.projecthoneypot.org/how_to_avoid_spambo ts.php

Ok, so I posted too soon. Project Honeypot has some clever how-to's to obfuscate your email address.

How to avoid Spambots: "Munging" Your Address and the pages after it detail different ways (and tools) to nerf your email address.

Best way to stop them? Project Honeypot. http://www.projecthoneypot.org/

It's been done. Still going, and you can help. Don't know how effective it is, but read up
http://www.projecthoneypot.org/

I think a lot of people here are missing essential genius of this approach. Read the agreement. First, in order to be bound by the agreement you needn't simply access the page, but then subsequently sending to the address found there. If the harvester pleads that their machine accessed the page and it wasn't them then you can sue them under the CAN-SPAM Act for using automated means to harvest addresses. If they plead that they actually did it by hand, then you can sue them under the contract. Very clever.

I think a lot of people here are missing essential genius of this approach. Read the agreement. First, in order to be bound by the agreement you needn't simply access the page, but then subsequently sending to the address found there. If the harvester pleads that their machine accessed the page and it wasn't them then you can sue them under the CAN-SPAM Act for using automated means to harvest addresses. If they plead that they actually did it by hand, then you can sue them under the contract. Very clever.

Read the agreement. It's not just accessing the page, but then subsequently sending to the address. If they plead that their machine accessed the page and it wasn't them then you can sue them under the CAN-SPAM Act for using automated means to harvest addresses. If they plead that they actually did it by hand, then you can sue them under the contract. Genius!

Read the agreement. It's not just accessing the page, but then subsequently sending to the address. If they plead that their machine accessed the page and it wasn't them then you can sue them under the CAN-SPAM Act for using automated means to harvest addresses. If they plead that they actually did it by hand, then you can sue them under the contract. Genius!

Publish it. Right here baby.

You can browse the list yourself on the Project Honey Pot site and then click on an IP for more details.

www.projecthoneypot.org/bots_and_servers.php

(Or go to the site and click the prominent "Data & Statistics" button/tab)

The list is linked to right in it

http://www.projecthoneypot.org/bots_and_servers.ph p

Is it just me or half the story is one big long link??

AttackOfTheDictionaries writes "Project Honey Pot started operating back in November. The Project provides its participants with a script that generates fake webpages with unique honeypot email addresses. The end
result is that Project Honey Pot can connect email harvesters' IP
addresses with the spam received by those honeypot email addresses. Which is pretty nifty, but left some people asking how that would help legal attacks on spam. Well, it seems that some lawyer over at SecurityFocus has an answer."

This is interesting too:

http://www.projecthoneypot.org/

Lets website admins track the harvesters stealing email addresses from their websites.