Slashdot Mirror


Taking On A Spammer

_QED was the first of an onslaught of users to submit a story about a programmer who got his domain forged by a spammer and took action. I don't know if this is real and I'm certainly not suggesting doing this yourself, but this is an extremely interesting story.


  1. So Obviously real... by milliyear · · Score: 3

    Did you even READ the ICQ logs???????

    These low-lifes routinely INSTALLED PCAnywhere on their machines so they could work from their laptops in bed!!!! Getting in was a no-brainer!! And they didn't know sh*t about the technology!!! They had a revolving door of script kiddies that had to set up their systems!!! They only knew what the script kiddies taught them!!

    And check out some of the other URLs mentioned - they are all there! (like silver-shamrock.com)

    "We have heard the BS alarm.....and it is you!!!"

  2. Re:C'mon, that's totally made up! by jd · · Score: 4
    PCAnywhere, Back Orifice (classic & 2000), Windows 2000's Remote Terminal (I forget the "proper" name), Netbus + any screen grabber, and a whole host of other such software.

    If you have a problem with spam, FIRST, secure the domains with Nessus.

    THEN, configure your mail server to bounce mail with broken headers.

    THEN, follow the Advanced Networking HOW-TO to set the queue for TCP connections to port 25 to a much smaller value.

    Finally, only accept connections from hosts with a valid IDENT response.

    Chances are, your average spammer won't be capable of forging any e-mail that can pass through even rudimentary security, such as this, without having to reveal their true name & true e-mail address. Something your typical spammer is unlikely to do.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  3. Need Technological solution by BoLean · · Score: 3

    We need a technological solution to this problem, not a legislative one. If there was no method to fake e-mail then this wouldn't be a problem.

  4. Re:How to bill spammers (WRONG!) by Yekrats · · Score: 4
    You say "Nothing has ever come of it..." I don't think so.

    Your idea about sending a fake bill to spammers is a very BAD idea. By sending them email, you verify your existence. Once your address is verified as "legit", what happens? You get more spam. For the same reason, never click on their "click here to opt out" links!

    I'd advise using Spamcop (spamcop.net). The free part of SpamCop un-obfuscates the email header information, then allows you to automagically send a letter of complaint to the appropriate authorities. Personally, I've seen several accounts (email and website) disappear after I've used Spamcop against them. It's quite satisfying. Spamcop also has a fee-service for filtering email (which I haven't tried yet).

    I hope this helps!

    --
    Ceci n'est pas une pipe.
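Header tracing of the kind mentioned above generally rests on one rule: only the `Received:` lines written by relays you control can be trusted, and the peer IP logged by the outermost of those is where the message entered. This is an added example, not SpamCop's code and not part of the original comment; the sample message, host names and the `TRUSTED` set are constructed.

```python
import email
import re

# Constructed sample message; all hosts and addresses are documentation values.
RAW = (
    "Received: from mx.example.net (mx.example.net [192.0.2.10]) "
    "by mail.example.net with ESMTP; Mon, 1 Jan 2001 10:00:05 +0000\n"
    "Received: from forged-domain.example (unknown [203.0.113.77]) "
    "by mx.example.net with SMTP; Mon, 1 Jan 2001 10:00:03 +0000\n"
    "Received: from mail.innocent.example ([198.51.100.5]) "
    "by forged-domain.example with SMTP; Mon, 1 Jan 2001 09:59:00 +0000\n"
    "From: sales@forged-domain.example\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

# Assumption: the relays the recipient operates and therefore trusts.
TRUSTED = {"mx.example.net", "mail.example.net"}

# Matches "from NAME (rdns [IP]) by HOST" and "from NAME ([IP]) by HOST".
HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:\S+\s+)?\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
    r"\s+by\s+(?P<by>\S+)"
)


def injection_point(raw, trusted):
    """Return (claimed_name, peer_ip) as logged by the outermost trusted
    relay, or None if no Received line was written by a trusted host."""
    found = None
    # Received lines are prepended, so the newest hop comes first.
    for line in email.message_from_string(raw).get_all("Received", []):
        m = HOP.search(line)
        if m is None or m.group("by").lower() not in trusted:
            break  # this line and everything below it is sender-supplied
        found = (m.group("helo"), m.group("ip"))
    return found


if __name__ == "__main__":
    print(injection_point(RAW, TRUSTED))
```

The name in the first field is whatever the connecting host claimed; the bracketed IP is what the trusted relay observed, which is the value to look up when filing a complaint.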
  5. Re:Who else thinks Rodona Garst is cute? by llywrch · · Score: 4

    Oh boy, just what we need: a new way to discourage Spammers. I can see it now.

    Spammer's phone rings.
    "Hello?"
    "Yeah, hi! Is this $SPAMMMER?"
    "Why?"
    "I got a copy of your spam, the one about the web site that promises 'Real Time Lezbo S&M Action'. I gave it to a nerd buddy, who tracked you down. I decided to come on over & see you perform."
    "If you come over here, I'm gonna call the police on you."
    "I already talked to the chief of police in your town. He's pissed that you sent his child a spam advertising that web site about 'Old MacDonald & His Cow', so he's coming over too. In fact, that's his car sitting in the driveway. If you perform well with Mistress Domme, he's willing to drop the charges. Be sure to ice down the beer!"

    Jeez, I'm about to blow all of my karma on this one sick joke.

    Geoff

    --
    I think I see a trend here. Maybe for them it really would be easier to muzzle the entire internet than to produce p
  6. Re:It's a disgruntled ex-employee by PD · · Score: 3

    This is absolutely REAL information. I checked out the list of anti-spammers that he got off her computer, and MY NAME WAS ON THE LIST.

    You can see for yourself. pdrap@ctp.com, pdrap@concentric.net and pdrap@cris.com are all on the list. Those addresses are no longer active, but at one time I did a helluva lot of spammer killing with those addresses.

    I was skeptical too, but after considering it all night, it makes much more sense that he snagged the info using Back Orifice than the notion that he made it all up. Particularly so since the data appears to be accurate.

  7. Re:It's a disgruntled ex-employee by anticypher · · Score: 5

    I agree. The complete lack of any technical information on the hacking seems pretty suspicious. I do know of at least 6 different ways to get into a windoze machine and do this, but all of them take a little time and effort. Given the detailed amount of other info, I'd expect a little bit on the hacking.

    There are other incorrect technical details which would point to this poster being more of a user (ex-spammer) rather than a system administrator. The "blank Bcc: line" comment is wrong, because Bcc: is a function of the MUA, once it gets sent to the MTA over SMTP, every one of those addresses is converted to an RFC821 RCPT command.

    I got the exact same feeling from this whole affair as you have, an ex-spammer disgruntled he didn't get paid for something. He/She had some time alone with Rodona's laptop, and copied a bunch of stuff onto some floppies or ftp'ed. With a little fixing up to appear as an aggrieved sysadmin to throw his ex-employers off the scent.

    Spammers and telemarketers are all fair targets for retribution, whether through hacking or social engineering (the sex survey, FBI hotline, others)

    the AC

    --
    Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
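The Bcc point in the comment above, as an added example that is not part of the original comment or the article: a sketch of what a mail client does at submission time, turning `To`, `Cc` and `Bcc` alike into envelope `RCPT TO` commands and dropping the `Bcc` header from the data it transmits. The function names and the sample message are constructed for illustration.

```python
import copy
from email.message import EmailMessage
from email.utils import getaddresses


def plan_submission(msg):
    """Return (smtp_commands, wire_text) for submitting msg over SMTP."""
    sender = getaddresses([str(msg["From"])])[0][1]
    # Every addressee header contributes to the envelope, Bcc included.
    fields = [str(v) for name in ("To", "Cc", "Bcc")
              for v in msg.get_all(name, [])]
    rcpts = []
    for _display, addr in getaddresses(fields):
        if addr and addr not in rcpts:
            rcpts.append(addr)
    # The Bcc header is removed before the message body is sent as DATA,
    # so recipients never see it; the addresses live only in the envelope.
    wire = copy.deepcopy(msg)
    del wire["Bcc"]
    commands = [f"MAIL FROM:<{sender}>"]
    commands += [f"RCPT TO:<{addr}>" for addr in rcpts]
    commands.append("DATA")
    return commands, wire.as_string()


def sample_message():
    """Constructed sample; all addresses are documentation values."""
    msg = EmailMessage()
    msg["From"] = "Alice <alice@example.org>"
    msg["To"] = "bob@example.net"
    msg["Bcc"] = "carol@example.com, dave@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("Hello.\n")
    return msg


if __name__ == "__main__":
    cmds, wire = plan_submission(sample_message())
    print("\n".join(cmds))
    print(wire)
```

For an investigator this means the recipient list of a bulk mailing is found in the sending MTA's logs or queue, not in the headers of any delivered copy.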
  8. In case of Slashdotting read here... by IanO · · Score: 5

    There are mirrors at:

    http://elias.rhi.hi.is/premier.cluelessfucks.com/
    http://cow.org/~noise/belps.freewebsites.com/
    http://homepages.manawatu.net.nz/~alanjb/

    There are also some interesting posts at an old mirror here:

    http://premier.cluelessfucks.com/ (gotta love that domain name!)

    This is great information... where else could you find out how many freckles are on a spammer's ass :)

    ------
    IanO

    --
    ------
    Objects in Mirror are Losing!
  9. So which is it? by nharmon · · Score: 5

    You know something. I find it very disgusting how so many people who advocate an anonymous internet when it comes to file sharing on Napster, and so forth, but the MINUTE they get spammed, they are all shouting about accountability and how we need better records of who is using the internet.

    People, the internet is both accountable and anonymous. Basically, if you want to be anonymous, it's not that difficult to do so. And, if you want to be accountable, you can do that too. The point is, spammers will always fake headers in some way, and "illegal" mp3s will always move anonymously through non-logging proxies, and people will continue to put up webpages showing off their new Corvette, including exactly where it's parked at night, and where in the garage the keys are stored.

    The only combat we have against Spammers, is the capitalist approach. Spammers would not be in business, if not for all of the nullheaded PR people who feel they need to mass-market the internet cheaply. And there is nothing expensive about loading up a bulk email program and sending mail to a half-million people.

    At my company, we urge our marketing department to stay away from companies who want to send out spam on our behalf. And we've batted 1000 so far (thank god). I feel that we're doing our part by not supporting companies whose only product is unsolicited email. So if you ask me about the "big picture" of stopping SPAM, my answer is simply, stop paying them to do it.

    1. Re:So which is it? by Bad+Mojo · · Score: 4

      "You know something. I find it very disgusting how so many people who advocate an anonymous internet when it comes to file sharing on Napster, and so forth, but the MINUTE they get spammed, they are all shouting about accountability and how we need better records of who is using the internet."

      "You're making a common mistake. You're confusing insanity with style." - Quintin Stone

      Basically, if someone wants an anonymous internet, too bad. No one (who is sane) wants that. What people want (that you don't seem to grasp) is Free Speech and privacy. These are not the same as anonymity. A handle or nick is not the same as being anonymous. The only time anonymity is good is when it contributes to Free Speech. Something spammers will try very hard to argue in their favor, as they have in the past.

      Anyone who cries out to be anonymous on Napster or Gnutella is just wanting to not be held accountable. They are not trying to be anonymous to protect their rights.

      In the end, a spammer is no different than a person who sends out 5000 faxes to people who didn't ask for them. Instead of paying for 5000 sheets of paper, the spammer is relying on someone else to foot the bill and pay for the fax paper their ad is printed on. This is nothing short of theft of resources in order to make a profit.

      *DISCLAIMERS*
      1) Yes, I know I make some assumptions in this post. I'm sure there are some people who want the internet to be totally anonymous. I think those people are crazy.
      2) I know I can't spell. Sorry. I try.

      Bad Mojo

      --
      Bad Mojo
      "If you can't win by reason, go for volume." -- Calvin
    2. Re:So which is it? by jd · · Score: 3
      Bull. If systems used host and server authentication the way that they're supposed to, it would be impossible to forge headers or IP addresses. The system would automatically reject them.

      Capitalism is no better or worse at dealing with this problem than any other philosophy. In the end, the only guaranteed solution is secure authentication and compliance with standards. Do that, and spam would cease to exist.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  10. Fake? Seems like it. by Garpenlov · · Score: 5

    Just reading the first page causes me to shudder at the way it's written.. Take this quote, for example:

    "By carefully examining the email headers and message body of previously sent spams I was able to identify a unique signature that appeared in every email the spammer sent. I designed an email filter to detect this signature, and placed it on the mail gateway of a high volume Internet mail server ... Finally on the fourth day my digital pager went off. The message on the LCD read; 'Spammer is on-line!'"

    The above just makes me laugh, if you ignore the question of, "how'd you get that filter program on the 'high volume internet mail server'?" Did you use your h4x0ring sk1llz, or was it your own for your business of providing advanced TCP/IP know-how?

    "Once I had escalated my remote access to that of a full privileged local user"

    We're talking windows 95 here.. At least judging from the screenshots. EVERY user is fully privileged.

    "There was only one way to find out how many of them were forging my domain. I was going to have to hack them all!"

    I love that quote. It sounds like it came straight out of "Hackers."

    Regardless of whether or not it's fake, it's entertaining in two ways -- once as a fantasy tale of someone taking revenge on spammers, and once as a badly written overly dramatic technical article from an advanced TCP/IP know-how provider who can use advanced tools like NSLOOKUP and WHOIS...

    --
    --- Where's my X.400 protocol decoder?
  11. You've got to be careful with this... by Simon+Brooke · · Score: 5
    A long time ago I got pissed off with someone who was posting a series of unpleasant posts on usenet groups under a variety of assumed identities, and was able with a little research to identify him by name as a serving Royal Navy officer and identify both his work and home phone numbers, which I published on one of the newsgroups concerned.

    This was a long time ago, and I don't feel good about it now. I don't know what happened to the guy, but given what he appeared to be up to he might easily have been disciplined or even sacked. In some senses he deserved it, but...

    My 'victim' (and this poor dork Rodona Garst) are low-life - nasty, but also pretty stupid. Many of the new generation of Net users simply don't appreciate how the net's resources can be used to collate information about them, how much about themselves they reveal.

    There may be many people in Clarkesville, TN reading this story now - /. is widely read, and, significantly, is widely read by journalists who may take up the story. By publishing personal details about them we risk stirring up something like a lynch mob - not necessarily in this case, but the potential is there.

    Don't get me wrong - I dislike spammers and scammers and borderline criminal sleazoids as much as anyone, and there's no doubt that this Rodona is a sleazoid. The issue is the power of the medium which is being used against her. Yes, sure, it's the same medium that she has been using against others; but it is also a very powerful medium.

    It is, I think, appropriate to make evidence of this sort about this sort of people available to their local police office if you think a crime is being committed (as appears to be the case here); but given that sleazoid lowlife are often not the best balanced of people psychologically, we may be whipping up a storm of hatemail and hate phone calls which may cause harm out of proportion to the crime.

    --
    I'm old enough to remember when discussions on Slashdot were well informed.
    1. Re:You've got to be careful with this... by Bad+Mojo · · Score: 3

      "My 'victim' (and this poor dork Rodona Garst) are low-life - nasty, but also pretty stupid. Many of the new generation of Net users simply don't appreciate how the net's resources can be used to collate information about them, how much about themselves they reveal."

      I submit that ignorance of `the law' is no excuse. When you show up in a country that (despite what anyone says) is run like the Wild West, stealing a few horses is going to get you in trouble. No matter how normal it is in any other place you've done business.

      The wider you spread the spam, the more likely someone is going to do something about it that isn't legal. You're asking for trouble.

      Is it so hard to build legitimate e-mail lists of people who want info about your products? I have no problem with that type of e-mail solicitation.

      Bad Mojo

      --
      Bad Mojo
      "If you can't win by reason, go for volume." -- Calvin
  12. I don't believe it. by HardCase · · Score: 5
    One of the reasons that I liked The Cuckoo's Egg was that Cliff Stoll didn't pump himself up to be some kind of superhero. But more importantly, he actually explained what he did.

    All that I can see in "Man in the Wilderness'" claims are a few addresses and phone numbers that anyone could come up with using WHOIS and one of the gazillion phone directory web sites. His claim of capturing a screen shot of the spammer's computer is just outrageous...Windows may be full of networking holes, but c'mon...

    I don't doubt that he was spammed...and I don't doubt that he was spammed by the spammers that he's claiming to have cracked. But I think that almost everything on that web site is made up.

    Sure, he probably feels good that he could associate some names to the pages that he posted, but the text reads like a really bad detective story.

    Maybe I'm wrong, but looking at the story with an impassioned eye sure makes it look like some guy with an ego and an axe to grind needs to take a creative writing class.

    -h-

  13. Re:Snagging AOL User Names by Senior+Frac · · Score: 4

    "I would tend to agree with the consensus that although it's a cool story, it is probably not true. I would just think that if that many AOL usernames were snagged, we would have heard about it somewhere else. Anyone have any more info?"

    As an active member of the anti-spam community, I would like to attest that everything here checks out. It's legit. It's also outrageous and amazing, but none of the anti-spammers has managed to poke any major holes in it; and they're a very suspicious bunch. Premier has been on the anti-spammers' radar, but hasn't drawn any abnormal amount of attention up to now. However, that has changed now that this information was released. I suspect the spammer's ICQ accounts are going to have to be changed from the sheer volume of anti-spammers giving them grief. I've seen quite a few logs of post-hack discussions; they're making all sorts of lawyer threats. Which would be suicide, of course, because that would bring even more publicity, something they can't afford.


  14. Re:Technical Detail by Stonehead · · Score: 3

    First off, this story was on k5 yesterday. At that time, the site was still accessible. I wonder whether all mirrors have got antifile.zip - which includes 4 MB of email addresses of people who replied to get off Rodona Garst's mailing lists. I would never have put that file online.
    By the way, the archive didn't shock me because of Rodona's pictures, but because of the size of antifile.zip - if those people are only the ones who hoped to get removed from Garst's List (I found five of my co-students on it), how big must the full archive be?? Twenty million email addresses? Forty? One billion?
    We are just some toy in the spammer's hands. I'm never going to reply to spam again "to be removed". Deleting is the only thing that helps. Well, I could put up a .procmailrc filter on the headers.. :)

  15. It's a disgruntled ex-employee by carlhirsch · · Score: 4

    That's my theory. There's a strange mix of truth/technical vagueness that makes some of the hacking implausible but the reality of the company irrefutable. Now - do these folks actually spam? Who knows. But the phone numbers are certainly valid. Most of the names are probably real, so who knows?

    So I'm gonna say that this is some ex-employee who pulled a bunch of stuff off of his co-workers' drives before bailing. All in all, a pretty admirable example of workplace sabotage. Bob Black would be proud.

    -carl

    --
    . We've got computers, we're tapping phone lines, you know that ain't allowed - Talking Heads, "Life During Wartime"