Slashdot Mirror

Good point. Conspicuously lacking in their list of things ISPs should do is "Provide ample staffing for your abuse desk, give them adequate power to shut down abusers, and respond quickly to abuse reports."

If every ISP had an Afterburner-esque person in charge of the abuse desk, then the amount of spam-support sites, trojaned zombies, and general malfeasance would go way down. To all you ISPs who redirect abuse@ mail to /dev/null: wake the hell up and start becoming part of the solution.

Gee... It's been almost 5 years to the day since the UDP of UUNet was cancelled. They are spamhaus' top hosting site for the spam gangs now. They have a history of writing pink sheet contracts with spammers because they can leverage their peering contracts to make outgoing spam profitable for them. Of course they will ignore the community's complaints, like most 800 pound gorilla's do. And they are known to employ their legal team to harrass those who wish to shame them in public.

Gee... It's been almost 5 years to the day since the UDP of UUNet was cancelled. They are spamhaus' top hosting site for the spam gangs now. They have a history of writing pink sheet contracts with spammers because they can leverage their peering contracts to make outgoing spam profitable for them. Of course they will ignore the community's complaints, like most 800 pound gorilla's do. And they are known to employ their legal team to harrass those who wish to shame them in public.

This already happened on Usenet, some years ago...

S.P.U.T.U.M. came to mind when I read your post about "physical means".

There is a huge difference between checking whether a port is open and actively trying to exploit a security hole. You are trying to blur the distinction between the two.

Rule #1. Spammers lie. "I'll cease and desist" in a courtroom from a spammer means nothing.

Rule #2. If it looks like a spammer's telling the truth, see Rule #1. (This is the mistake the judge was forced to make - believing them in court).

Rule #3. Spammers are stupid. As evidenced by the three real-world behavior of Mr. Vale and company.

Spammers are sociopaths - the law of the Internet ("Spam me and die") doesn't apply to them, so why should the law of a judge apply to them? Thankfully, in this case, Rule #3 may have some meatspace payback.

> I hope the judge will find them in contempt of court and issue a bench warrent for their arrest. Let them get shome nice striped sunlight for a while.

I concur. I, too, would pay good money to see Bubba the Butt Bandit abusing Vale's, uh, "apricot pits" nightly on a webcam. Hell, I'd buy myself a T-3 so I could get it in 640x480 with Dolby Surround Sound.

Meanwhile, anyone remember whatever happened to TCPS and FPA, the Brooklyn spammers of "world's biggest gangbang video" and "are you being investigated" fame? I know they got their asses sued off, I just don't know where the cases are in the courts.

Next up - Scumbag Sam the Toner Man. Your days are numbered, spambag. The law's catching up to you.

SPUTUM uber alles!

Rules can always be manipulated.

So far it's only in the discussion stages, but the FEC's rules on independent TV spots is ripe for abuse. The scheme goes like this: Assume that you are trying to defeat the Hon. Cross Palmer. You register as a PAC and place ads showing archive footage of Rep. Palmer at his stupidest, along with double-meaning captioning written by a really good satirist. The upshot is that the Palmer not only becomes a public laughingstock, but YOUR budget gets charged against HIS spending limits.

It's the TV equivalent of a Joe-job. The same tactic works even better on the Net. You register as a PAC and put up a page on Geocities with the Best of Palmer done in slack-stick and then report to the FEC listing the Geocities server farm as a contribution. Now multiply by the thousands of people who think that the public has been serviced enough by Palmer.

MUCH more practical and cost-efficient than television. But then we knew that, didn't we?

I heard of your work, though BO, and regard your group and others, including l0pht heavy ind, as a security group. However, I am left to wonder what tools you test your work with, and if you test your items on clean-installed copies of Windows (insert arbitrary version number here). It would go a long way towards deciding on running Win98 under the Bochs emulator just to secure it.

---
Spammed? Click here for free slack on how to fight it!

Thank god there's some people with brains in the state legistlature!!! Everyone spread the word, and lets get the rest of the country on the bandwagon -- Evolution must be taught. When the states explicitly teaching Evolution hits the tens or twenties, we can ask Kansas and Colorado to think again.

---
Spammed? Click here for free slack on how to fight it!

This is similar to Bernard Dove's Chakat species.

---
Spammed? Click here for free slack on how to fight it!

They should be selling the video soon. I snagged an old copy perviously, and have asked Marc (the MC) about posting a d/l-able version of the video.

---
Spammed? Click here for free slack on how to fight it!

---
Spammed? Click here for free slack on how to fight it!

NSI is screwed up big time with this deal, and the Internet community, especially those who deal with net-abuse of this type and magnitude, does not like such a bad neighbor. Forward with full headers and apropriate password removed to MAPS RBL (http://www.mail-abuse.org) and post it to news:news.admin.net-abuse.email with the subject of NSI SPAM. Also document every phone call you've made to remove the free e-mail account and pass that along too. It's time we nip NSI in the bud about this.

---
Spammed? Click here for free slack on how to fight it!

---
Spammed? Click here for free slack on how to fight it!

However, the posting from a slow connection wouldn't be affected (which is my main concern). Even if you're doing a quick one-liner it'll take a while to get it up to the server. Then pull another comment (takes a while)... yep, everything takes time! WHOOPS! The posting window just went by. You can post again. :)

Remember, the higher the karma, the lower the wait!

(I know, some like to imitate Katz, some just want to say "me too", and I rather have a four-liner or so that takes a minute or two...)

---
Spammed? Click here for free slack on how to fight it!

I think you can get away with it if you have sufficently high karma. Besides, which what I'm seeing with my own, and with others, is that it'll be insanely eazy to hit 10 or 20 point karma. The length of the comment adjusting the window a bit... If, say, you posted a concise two-liner and later at another story did a ten-line post (or the other way around, 10 lines followed by a two liner)? Now that's an idea.

---
Spammed? Click here for free slack on how to fight it!

Do we care? If you get more karma, you'll be able to get a smaller window, and be able to post more!

Further, I just happen to carefully regard what I'm planning to say long before I hit the reply link. I'm not always sure my arguments are valid before loading the posting page, so I wait and think it over before clicking that link. Many many times more often than not, I'll pass on the opportunity to post because upon further consideration, I find that I don't have anything really worthy of putting up. But when I do click the link, I'm nearly certain about what I plan to say, and can usually type it up in a minute or two, maximum, unless I'm feeling leisurely.

By that time, your four minutes (or less if your karma is high) would be up and you'll be able to post again. The time would be checked at posting. If you're in the window, you're be notified. And if I read you correctly, you'll take a minute or to actually read the article and think things through, and then write a two-minute post. Or move on.

Lastly, time-based bonuses for longer delays between clicking the post link and actually posting will just ensure that those who can't type get bonus points. Why should anyone get penalized just because they can type over 80 wpm?

It's not measured that way, it's measured between submissions of the posts (aka when you hit that Submit button). Yeah, you (or anyone else) can type 80 wpm. I can do around 30 or so. It doesn't matter since it's measured from when you hit Submit. In common useage (replying once or twice per article) it works well. If you're replying to several people in a few threads of an article, you may have a problem initally until your Karma gets high enough to decrease the wait window.

It's very similar in concept to login and how it delays.

---
Spammed? Click here for free slack on how to fight it!

So? Have 'em register! It would be 1 post per user or IP address (if not logged in) per 4 minutes (with smaller time window for good karma and larger for bad karma). Takes care of firewalled users.

---
Spammed? Click here for free slack on how to fight it!

Moderation notification: The current system is good, since putting up buttons by default for moderation when the user isn't being a moderator is going to put more load on the server, possibly crashing it again (AIEEE!!!!). Not a good idea.

Logged in but Anonymous This is worth it, but can be abused. But then, it's psudo-anomymous, so it has to be handled by users with care. Flamers? Kick 'em off.

Posting restrictions: A good writer would take about five minutes to write up a good post, with nessisary proof backing up the claim. A "Me Too!" post is under one minute. So does a cheapshot flame. I propose a one message per IP/user per 4 minutes time, with adjustments baised on Karma on the time limit (less time to wait for more Karma, more time for less). Do you really care about a subject enough to write a virtual essay, which would be moderated high, or some short statement which really doesn't add more to the topic and stays scored at one or zero? I'd say the most well written ones are ones in which some time is gotten into it, and it shows with the proof used to back it up -- and it takes time to gather that proof. The system is very tuned to how people write!!!

I wonder what my Karma is looking at now... Is there a Slashbox for Karma?

---
Spammed? Click here for free slack on how to fight it!

I'm glad you're programming it in, Rob. Even though I'm looking at things at level 1, I still see some improvement.

How about this: Allow a -2 and a -3. A -2 means that it's recorded, but only shown to moderators and Slashdot editors. If it gets moderated down to a -3, it's given 2 hours to live before it's nuked from the servers and the modpoints returned. The user or IP will only have a -1 attached. That way, it'll take three moderators to nuke a post, and all three take the blame, but we won't have any sideeffects.

---
Spammed? Click here for free slack on how to fight it!

Will the e2fs compression patches (at http://opensource.captech.com/e2compr/) be put in the mainstream kernel? What is the maximum state of intoxication allowable to be working on a computer? Should /dev/penguin be manitory on all Linux distro's, or just a bundled "plush Tux"? And by the way, what's the count of penguin at your house anyway?

---
Spammed? Click here for free slack on how to fight it!

There are many books with the printed source code to GIF's LZW compression scheme. Some dating back to the 1980's. What can Unisis do, force a recall?

And then the source code to LZW itself is spread far and wide. It's in libraries written in C, in plain C code, plain PASCAL code, heck, even QBASIC code! It's too far wide-spread.

The courts are going to have a field day when this hits the fan.

In addition, I hear that IBM also has a patent on LZW too. This may be a rumor, but wouldn't that invalidate Unisis' claims?


---
Spammed? Click here for free slack on how to fight it!

First of all, MAPS' RBL lists mail servres which get blocked, and it does it in a surgical manner. It is very slow and careful about which servers it blocks. Take Real Networks. It only has ten servers on the list -- the spam spewing servers. Normal communications not using those servers is unaffected.

Second, the RBL only blocks mail servers and the SMTP service to those who subscribe to it. Since these are hard-core spammers, isn't it worth while?

I volunteer to subscribe to MAPS. I also subscribe to RRSS, the Radparker Relay Spam Stopper. A similar system, but blocks relaying servers which are broken. The RRSS is similar in design to MAPS RBL in the case that it manually checks each report before throwing it in the listing.

What right to they have to decide that AGIS should get blocked, just because they choose to provide services which someone else misuses. The right given to them by the owners of all the servers which got spammed by the downstream. AGIS turned a blind eye to the downstream repeatedly after many complaints. Heck, it had to disable ICMP pings because too many individuals were flooding their routers trying to see if CyberPromotions was still up.

Because of repeated ignoring of complaints, it was thrown in for a while. And it repented.

MAPS is a last resort tool. And NSI isn't letting up. Throw 'em in.

---
Spammed? Click here for free slack on how to fight it!

This is just part of Sun's newest rollout of the Java platform. They're also tossing out Edition versions, with a "Micro" edition for Palm Pilots. I say nice...

---
Spammed? Click here for free slack on how to fight it!

I would like to add that they'll be only blocking one server, which is the source of the spams themselves, and not any other server. Your unsolicitated notices of renewal et al over e-mail should be comming in fine if they don't use the same server that the spams are comming from.

---
Spammed? Click here for free slack on how to fight it!

The MAPS RBL has blocked whole backbones before (AGIS, for the Cyberpromotions fiasco they had). Real Networks got thrown in, even after they sent a legal threat to MAPS. MAPS has not received any orders against the listing.

---
Spammed? Click here for free slack on how to fight it!

Well, it's starting. Distributed.net got block-spammed by a broken client, and they did the right thing. They're going to lock down their client now. The previous incident had alot of reason added on to ensure security, but now...

You can't be too paranoid about security now.


---
Spammed? Click here for free slack on how to fight it!

Why? You just have to telnet (or better off, ssh) into the box you've got Samba running and manage it from the command line (or with ssh, using X11). Why port BO to Linux when it's locked up tighter than what Microsoft can do with Win-Anything at this time?



---
Spammed? Click here for free slack on how to fight it!

The Spamkilling Personal Interface (Tactical, Enhanced). Tis a very nice tool.

I take it you gotten spam through your normal e-mail address?

Don't 'cha know that spam comes postage due?

Yep. It's tacked on your ISP's bill. The ISP has to keep adding more mail servers to handle the load spammers put on 'em. Some even attempt a "scan" from a dialup. In all cases, it costs your ISP money, and in turn, you.

I like to save money, thank you very much. Which is why I complain. I get alot of nuke messages that way which saves my wallet every time.

---
Spammed? Click here for free slack on how to fight it!

Why do I think Linux won't kill Windows? Two reasons. The Open Source Movement's ideology is utopian balderdash. You mean that you like your dependence on upgrades which don't fix bugs? Are you sure that Microsoft's products are secure? Sheesh, we already have holes in Win95, Win98, and NT 4! You have to pull patches to lock 'em down and be secure on the net, and yet still not be able to be fast enough to keep up with the continous hits on the Internet. Server software it isn't. It wasn't designed to be server software. I doubt Win2K will be server software. Besides, Linux and the Open Source Initiative is not just theory, it is fact. Alot of security patches go out for Linux and it's utility programs. Linux had a fix for the Pentium FOOF bug within a week, and that's not with Intel's help. Microsoft brushed it off, saying that it's products are for single users only!

And Linux is 30-year-old technology. Relibable 30 year old technology that's secure, and recoded, reapplied, and rewritten for current hardware. Also, many components such as GTK, GIMP, and IMlib are new software and toolkits, not 30 year old technology.

A Soviet Linux lies ahead, with successive five-year plans every three. Nope, we haven't had any shootings yet...

OK, communism is too harsh on Linux. Lenin too harsh on Torvalds. It's actually Socialism, not communism (which the two get so mixed up it's suprizing you even mention it). Socialism, by Karl Marx, dictates that everyone, not the government(that's Communism), owns everything. Marx also states that it will be a slow progression into Socialism. Communism got screwed up by Lenin et al trying to speed things up. Guess what Russia got into now?

If North America actually went back to the earth, close to 250 million people would die of starvation before you could say agribusiness. When they bring organic fruit to market, you pay extra for small apples with open sores -- the Open Sores Movement. Negative. My local Giant supermarket chain carries organic, "Back to earth" style apples. They're the same size and with no open sores, no defects, no bugs as the ones treated with chemicals. They taste the same too. Try one. They're in the next same-size pile over. Brought in from local farmers. And do some better research next time.

Stallman's EMACS was brilliant in the 1970s, but today we demand more, specifically Microsoft Word, which can't be written over a weekend, no matter how much Coke you drink. Multinational corporations are themselves technology invented to get big things done, things that sustain us in the complicated modern world. I find alot of users tripping over Word myself here in college, and I suggest to them more control in the form of Corel WordPerfect. Don't you know? WordPerfect been ported all over the place. Macs, Win3.1, Win9x/NT, Solaris, Linux, insert your favorite operating system here.... There's also alot of other good programs out there similar to Word.

The Open Sores Movement asks us to ignore three decades of innovation. Three decades of security enhancements, TCP/IP implementations (remember, Unix had the first implementation!), web servers (NCSA httpd), ftp servers, and more. Even e-mail was origionally on Unix. And before the Internet, before the first router, there was UUCP. These are innovations.

NT, now approaching 23x6 availability, is already overpowering Linux. Linux is 24/7. Virtually no maintance needed once properly set up. I have computer labs here that require me to reboot every few days just because NT's about to die. Every few weeks we have to put down a new image on a few NT computers. 23 hours/day, 6 days per week? No, we can't have that in a 24/7, we never close computer lab. It's on all the time or it's dead.

Let's hope there's something coming soon that's better than both Linux and W2K. What would that be? Java or what? Let's be looking. I'm looking, but all I see is a penguin giving me source code and saying "BBBBWWWWAAAAPPPPP!!!!"

Bob Metcalfe, you forget your computing history. Back to the university library with you.

---
Spammed? Click here for free slack on how to fight it!

Shall we romp though my lovely copies? Let's go!

>From support@slashdot.org Thu Jun 17 19:57:36 1999
>Return-Path:

We can ignore these lines.

>Received: from localhost (tygris@localhost [127.0.0.1])
> by tygris.strw.org (8.9.3/8.9.3) with ESMTP id TAA00173
> for ; Thu, 17 Jun 1999 19:37:58 -0400

FYI: tygris.strw.org doesn't exist, it's really a dialup from Erols.

>Received: from pop.erols.com
> by fetchmail-4.6.3 POP3
> for (single-drop); Thu, 17 Jun 1999 19:37:58 EDT

Can we say I worship ESR? ;)

>Received: from mx04.erols.com ([207.172.3.244]) by mta3.mail.erols.net
> (InterMail v03.02.07.03 118-128) with ESMTP
> id
> for ; Thu, 17 Jun 1999 01:42:52 -0400

From the border server to my pop server.

>Received: from mx.icp.rssi.ru (mx.icp.rssi.ru [194.85.223.7])
> by mx04.erols.com (8.8.8-970530/8.8.5/MX-980323-gjp) with ESMTP id
> BAA06613
> for ; Thu, 17 Jun 1999 01:42:51 -0400 (EDT)

From mx.icp.rssi.ru's servers to Erols. Some spammers just connect
directly to Erols and spew junk there. This isn't the case.

>Message-Id:

This tells us one thing: mx.icp.rssi.ru is broken. It should of made
it's own Message ID tag.

>Received: from mx.intra.ru ([194.135.182.7]) by mx.icp.rssi.ru
> (post.office MTA v1.9.3b **** trial license expired ****)
> with ESMTP id AAA232 for ;
> Thu, 17 Jun 1999 09:41:11 +0400

Well, at least it's recording the IP address. However, post.office
(unlike Sendmail) defaults to relaying, which is a Very Bad Thing(tm).

>Received: from ras1.icp.rssi.ru by mx.intra.ru with SMTP (Microsoft Exchange
> Internet Mail Service Version 5.0.1458.49)
> id MQ9VDJNV; Thu, 17 Jun 1999 09:40:21 +0400

EW! mx.intra.ru is running non-IP-recording Microsoft Crapware!!!
Extreemly Bad Thing(tm). What are they running, NT?!?

>From: "slashdot.org"

We can start ignoring stuff now.

>To:
>Date: Thu, 17 Jun 1999 09:44:07 +0300
>Subject: Dear Member of slashdot.org (tygris@erols.com)
>Reply-To: support@slashdot.org
>Organization: slashdot.org
>MIME-Version: 1.0
>Content-Type: multipart/mixed; boundary=XX92BD92BC-008992BDXX
>Content-Transfer-Encoding: 7bit
>X-Priority: 3

[snip]

>Using Aureate Group Mail Free Edition
>Find out more about this product and try it
>for free at: http://www.group-mail.com/1

Spamware. news.admin.net-abuse.email knew about this and tried to get
it taken off. I think it may be a good thing to Slashdot the makers of
this product in your distain against spam.

More tutorials for the pissed off at Sam Spade's library (via
http://www.samspade.org).


---
Spammed? Click here for free slack on how to fight it!

mx.icp.rssi.ru is an OPEN RELAY used by spammers to hide their tracks. Complain to postmaster@rssi.ru about it and send this spam to them, with full headers.

The spammer is hosted via intra.ru. Send mail to abuse@intra.ru and postmaster@intra.ru with the full headers and spam and say "You have a spammer on your system which is compromizing security and profits. Please remove."

Also, visit The Radparker Relay Spam Stopper to block the relay on subscribed systems.

---
Spammed? Click here for free slack on how to fight it!

mx.icp.rssi.ru is an OPEN RELAY used by spammers to hide their tracks. Complain to postmaster@rssi.ru about it and send this spam to them, with full headers.

The spammer is hosted via intra.ru. Send mail to abuse@intra.ru and postmaster@intra.ru with the full headers and spam and say "You have a spammer on your system which is compromizing security and profits. Please remove."

Also, visit The Radparker Relay Spam Stopper to block the relay on subscribed systems.

---
Spammed? Click here for free slack on how to fight it!

Alot of customers of US West have complained about how bad service has been, and also alot of spam with sites pointing into US West's IP space has been spewing out. Getting someone who knows how to handle the business at the other end of the line is like finding a needle in a hay-filled silo. I think they're up for a nomination into the Realtime Blackhole List for not being responsive to complaints.

They don't say US WORST for nothing.

---
Spammed? Click here for free slack on how to fight it!

Oh yes, WWIV. I have the source printed out for the first version. www.wwiv.com

---
Spammed? Click here for free slack on how to fight it!

They're going to have a hard time proving it.

---
Spammed? Click here for free slack on how to fight it!

The MAPS RBL should be manditory (it's availible with Sendmail), but ORBS is more radical in it's relay checking. It's very similar to a UDP but invoked often for lesser reasons. A better Relay blocker, the Radparker Relay Spam Stopper (RRSS), is availble and practices the same goals as the MAPS RBL in respect to open relays.

If every admin read news.admin.net-abuse.email and .usenet, then the world would be less spam-free.

---
Spammed? Click here for free slack on how to fight it!

The MAPS RBL should be manditory (it's availible with Sendmail), but ORBS is more radical in it's relay checking. It's very similar to a UDP but invoked often for lesser reasons. A better Relay blocker, the Radparker Relay Spam Stopper (RRSS), is availble and practices the same goals as the MAPS RBL in respect to open relays.

If every admin read news.admin.net-abuse.email and .usenet, then the world would be less spam-free.

---
Spammed? Click here for free slack on how to fight it!

If every admin would utilize the MAPS, the ORBS database, and participate in these UDPs, the world would be a remarkably spam-free place.

-1 is for Troll in the sence of annoying idiot who just wants attention. Best way of dealing with them is to ignore them, and the moderators score it apropriately.

---
Spammed? Click here for free slack on how to fight it!

If it's the latter, maybe adding extra capacities (say, extra arms, eyes, or even fingers) could optimize the system. Multitasking at it's greatest. It's been proven to work, according to Anormalities and Curiosities of Medicine dating back to the 1800's. You'll need to use Project Gutenberg to find the text.

---
Spammed? Click here for free slack on how to fight it!

Slackware doesn't have this problem, thankfully. It depmod's /lib/modules/[version loaded number here] every time, so there's no conflicts.

I belive I have under /lib/modules:
2.2.6
2.2.7
2.2.8
2.2.9
... but no default!

---
Spammed? Click here for free slack on how to fight it!

Sigh...

Shel, Theo... Will the last one out please turn off the light?

---
Spammed? Click here for free slack on how to fight it!

But this means we could see a way of speeding up Distributed.net's RC-64 contest!!!

---
Spammed? Click here for free slack on how to fight it!

Running deathmatch on it through UNC, and my Pentium MMX 200 w/a passthrough Voodoo 1 card worked well. I think I got 10 frames per sec or more, but I can't tell.

---
Spammed? Click here for free slack on how to fight it!