New Spam Frontier: Referer Logs
geoffsmith writes "Wired News is reporting that spammers are using referer logs as a cheap new way to spam small sites. Anyone running a website has probably already seen this phenomenon; I'm thinking of writing a script to remove these entries from my access_log by looking for hits that don't grab my images. (sorry lynx users!)"
In the regular prefs and the "quick prefs" (F12 under Windows version) Opera lets you turn off referrer logging. The only time I need to turn it on is certain sites, like my credit union, which is no big deal...
I should put something clever here. Maybe someday.
255.255.255.255 - - [27/Oct/2002:00:00:00 -0000] "GET /perfectly/valid/page/at/yoursite.html" 200 2467 "http://www.wilddonkeysex.com_for_Wild_Donkey_Sex/ " "(SpamBot5000)"
and then people looking at the report would say, "hey, the page at wilddonkeysex links to my perfectly/valid/page and it's getting like 500 hits a day from there, woo! let's click on that url and see what the link to my page looks like!"
-calyxa
Decay! Decay! Decay! -Helium
Haven't Microsoft started using brightmail to filter spam from hotmail?
According to MS themselves: Brightmail to Deploy Server-Side Technology on MSN Hotmail
This might be something to do with it...
I think it's more than the web site's owner clicking on the page - a lot of bloggers post a list of "top referrers" on their web site as a way of thanking the referrers, and therefore they generate a lot of traffic to their referrers from their own visitors.
I just block the adds and that's enough for me.
Two posts in a row so I had to comment: The abbreviation for advertisements is "ads", not "adds". Carry on.
Please do not equate civil disobedience and P2P. Civil disobedience is essentially something you do in the open with the intention of getting caught and possibly prosecuted.
If you want to learn about what civil disobedience really is, check this or this out.
If you think that the Internet is the most active battlefield today, you need to visit a few places.
Robots are everywhere, and they eat old people's medicine for fuel.
It's nice, as a site operator, to know where your guests are coming from. A good portion of my visitors come from Google and other search engines. The referrer log lets me know what they were searching for, and in nearly 95% of the cases they were looking for a specific topic on my site. I can send them directly there, give them a specific welcome message if they haven't been to my site before, etc.
Furthermore I can restrict traffic for some areas of my site (like some sites that block links from slashdot) for particular reasons or uses. "You just came from the page of an associate and are able to receive a discount." "This page is restricted to users of xyz.com. Please go there first."
Lastly, it protects my image content. My images are not stellar, and yet other sites continue to use them on their pages. I can use the referrer to limit the damage done by only allowing the images to be referred by pages from my own site.
Referrer information may be annoying to you, but it's an extremely useful tool. If taken away one restricts opportunities for the site operator to personalize and protect content on their site. Not a huge loss, but it isn't really as great a privacy issue as you seem to believe.
-Adam
Several weblogs make their referrer lists public. To a spider, a spammed link is very hard to distinguish from a normal hyperlink. That's how the boost occurs.
how to invest, a novice's guide
As it says in the article, some blogs have automated lists of the top referrers, so that visitors can see who links to the blog. And yes, we're talking about bots sending fake referrers.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
I agree. I don't mind spam if it applies to me. I even sometimes give these a click through, even though I can't afford what they're selling. BUT, when I receive 3 enlarge your cock ads in one day, that just sickens me. I don't have a credit card and I get at least 1 consolidate your debts ad a day. I get mortgage ads and car loan ads, but I don't have a house and I don't technically own my car. If I got an ad selling me a Tungsten|T (despite what you think, I kinda like it) or an iMac, I would give them a click through and take a look-see. It's called "targeted advertising." I think the tv networks got it down pretty good, now the NET advertisers need to figure it out.
Some actual web logs for these spammers:
adsl-64-173-20-67.dsl.sntc01.pacbell.net - - [22/Oct/2002:04:04:33 -0700] "GET / HTTP/1.0" 200 4636 "http://www.successmath.com/viral.shtml" "Mozilla/4.0 (compatible; MSIE 4.5; Windows 98; 518.5546875)"
adsl-64-161-26-73.dsl.sntc01.pacbell.net - - [27/Oct/2002:17:10:24 -0800] "GET / HTTP/1.0" 200 4636 "http://www.datashaping.com" "Mozilla/4.0 (compatible; MSIE 4.5; Windows 98; 147.5830078125)"
There's plenty more, those are the domain names I could remember.
Marc
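The filter proposed in the story submission (drop hits that carry an outside Referer but whose client never grabs an image), as an added example that is not code from any poster in this thread. The log lines are constructed in the combined format shown above, and `filter_referer_spam`, `ASSET_EXT` and the `example.com` host names are assumptions.

```python
import re
from urllib.parse import urlsplit

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
                     r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$')
ASSET_EXT = (".gif", ".jpg", ".jpeg", ".png", ".css", ".js", ".ico")

def parse(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    parts = m["request"].split()
    path = parts[1] if len(parts) >= 2 else ""  # tolerate "GET /page" with no protocol
    return {"host": m["host"], "path": path, "referer": m["referer"]}

def is_asset(path):
    return urlsplit(path).path.lower().endswith(ASSET_EXT)

def is_external(referer, own_hosts):
    try:
        host = urlsplit(referer).hostname
    except ValueError:  # malformed URL: do not guess, keep the hit
        return False
    return bool(host) and host.lower() not in own_hosts

def filter_referer_spam(lines, own_hosts):
    """Split lines into (kept, dropped): a page hit is dropped when it has an
    external Referer and its client host fetched no image/CSS/JS in this log."""
    records = [(line, parse(line)) for line in lines]
    asset_clients = {r["host"] for _, r in records if r and is_asset(r["path"])}
    kept, dropped = [], []
    for line, r in records:
        spam = (r is not None and not is_asset(r["path"])
                and r["host"] not in asset_clients
                and is_external(r["referer"], own_hosts))
        (dropped if spam else kept).append(line)
    return kept, dropped

# Constructed sample log (documentation addresses and example domains).
SAMPLE = [
    '192.0.2.10 - - [27/Oct/2002:10:00:00 -0800] "GET / HTTP/1.0" 200 4636 "http://search.example.net/?q=widgets" "Mozilla/4.0"',
    '192.0.2.10 - - [27/Oct/2002:10:00:01 -0800] "GET /img/logo.gif HTTP/1.0" 200 812 "http://www.example.com/" "Mozilla/4.0"',
    '198.51.100.7 - - [27/Oct/2002:10:05:00 -0800] "GET / HTTP/1.0" 200 4636 "http://spam.example.org/" "Mozilla/4.0"',
    '203.0.113.5 - - [27/Oct/2002:10:06:00 -0800] "GET / HTTP/1.0" 200 4636 "-" "Lynx/2.8.4"',
    '203.0.113.9 - - [27/Oct/2002:10:07:00 -0800] "GET /about.html HTTP/1.0" 200 900 "http://blog.example.net/links" "Lynx/2.8.4"',
]

if __name__ == "__main__":
    print(filter_referer_spam(SAMPLE, {"www.example.com"})[1])
```

The last sample line is the false positive the submitter apologises for: a text-mode browser following a genuine link fetches no images, so it is dropped along with the bot at 198.51.100.7.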
15.1.3 Encoding Sensitive Information in URI's

Because the source of a link might be private information or might reveal an otherwise private information source, it is strongly recommended that the user be able to select whether or not the Referer field is sent. For example, a browser client could have a toggle switch for browsing openly/anonymously, which would respectively enable/disable the sending of Referer and From information.

Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.

Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission of sensitive data, because this will cause this data to be encoded in the Request-URI. Many existing servers, proxies, and user agents will log the request URI in some place where it might be visible to third parties. Servers can use POST-based form submission instead