Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Spam Frontier: Referer Logs

Posted by timothy on from the die-spammers-die dept.

geoffsmith writes "Wired News is reporting that spammers are using referer logs as a cheap new way to spam small sites. Anyone running a website has probably already seen this phenomenon; I'm thinking of writing a script to remove these entries from my access_log by looking for hits that don't grab my images. (sorry lynx users!)"

11 of 252 comments (clear)

  1. The spammer speaks... by reaper20 · · Score: 5, Interesting

    "I'll adapt or I'll discontinue. I'm not planning on becoming the major annoyance of the blogging world.... I'm not too worried my reputation. Marketing is all about being innovative, different, adaptive, taking risks and knowing how to use the technology. I'm trying to be all that."

    Heh, it's funny that this guy can make this statement and expect to be taken seriously. It's even more pathetic that he actually thinks he's "innnovative".

  2. Lynx users? by Anonymous Coward · · Score: 5, Funny

    (sorry lynx users)

    Don't worry. It's highly unlikely that any of the 4 current users will visit your website anyway.

  3. In other news... by CySurflex · · Score: 5, Funny

    Windows users are complaining that Microsoft is filling up their computer's System Event Log with spam about illegal exceptions and page faults.

  4. referer information should be disabled by default by jukal · · Score: 5, Interesting

    I don't know who started it - but I find it very odd that browsers send referer info by default. Why? It does not provide anything extra for the user but problems. It is not once or twice that you find URLs to "confidential" pages if you browse through your webserver logs. And... I bet 95% of web surfers do not even know that they are sending this information all the time. Is there really any reason why the default is to send the referer info? I have seen people riot on much less important privacy issues. Why not about this? The referer plague exists in almost all browsers - and only in few browsers you actually can easily turn it off. What's going on?

  5. Re:huh by calyxa · · Score: 5, Informative
    no, they hit the page with their link in the referrer field. some sites post reports from their web logs showing where hits are referred from, so it'd be like:

    255.255.255.255 - - [27/Oct/2002:00:00:00 -0000] "GET /perfectly/valid/page/at/yoursite.html" 200 2467 "http://www.wilddonkeysex.com_for_Wild_Donkey_Sex/ " "(SpamBot5000)"

    and then people looking at the report would say, "hey, the page at wilddonkeysex links to my perfectly/valid/page and it's getting like 500 hits a day from there, woo! let's click on that url and see what the link to my page looks like!"

    -calyxa

    --
    Decay! Decay! Decay! -Helium
  6. Re:They will never stop. by kryonD · · Score: 5, Interesting

    True, but at the same time wrong. Has anybody else noticed that the internet is currently the most active battlefield in hostory?

    Lowlife (but capitolist god bless 'em) pigs generate spam to sell their penis enlargement scam and mail clients develop ways to filter and block email. Distraction.

    Distributed Denial of Service attacks attempt to shake the very foundations of the NET through bandwidth flooding and sysadmins implement redundancy and load balancing. Jamming - Frequency Hopping.

    Remote exploits and virus appear everyday and patches are generated quickly for the more quality OS's and virus updates are required daily for Micro$oft OS's. Infiltration.

    Governing bodies exist that the people disagree with such as the RIAA and MPAA. Demonstrations are held in both violent(DDoS) and non-violent(civil disobedience of P2P) manners. Revolution.

    Needless to say, civilization has managed to survive for thousands of years despite man's desire to control everything including his fellow men. I think the internet will find a way.

    --
    I've dirtied my hands writing poetry, for the sake of seduction; that is, for the sake of a useful cause. --Dostoevsky
  7. Re:*sigh* by Dyolf+Knip · · Score: 5, Insightful
    The few stats I've come across regarding spam 'success' suggests that if they get more than a dozen responses (excluding the fools who actually send back "Take me off your list") per one million emails they're having a good day.

    [Wishful thinking mode ON!]
    This implies that there are, maybe, all of 10,000 suckers who keep every spammer on the planet in business. If we find them and cut them off, spam response would drop to about 1 per billion and there's just no way they could make any money off of that.

    --
    Dyolf Knip
  8. Re:referer information should be disabled by defau by jukal · · Score: 5, Funny
    I have come across a few sites that use the refer info to let you access files and images, so other sites can't just link directly to the file.

    Yes, referrer information makes an excellent authentication scheme for highly confidential system dealing with transfer of mission critical information. ... Just also check for a magic string in the user agent and voila! trusted computing reinvented. To make it unhackable - just add a few more levels of obfuscation. ;))) The sad part of this, is that I have actually seen authentication schemes like this. Don't know whether I should cry or laugh :)

  9. Re:They will never stop. by IIRCAFAIKIANAL · · Score: 5, Informative

    Please do not equate civil disobedience and P2P. Civil disobedience is essentially something you do in the open with the intention of getting caught and possibly prosecuted.

    If you want to learn about what civil disobedience really is, check this or this out.

    If you think that the Internet is the most active battlefield today, you need to visit a few places.

    --
    Robots are everywhere, and they eat old people's medicine for fuel.
  10. Re:referer information should be disabled by defau by stienman · · Score: 5, Informative

    It's nice, as a site operator, to know where your guests are coming from. A good portion of my visitors come from Google and other search engines. The referrer log lets me know what they were searching for, and in nearly 95% of the cases they were looking for a specific topic on my site. I can send them directly there, give them a specific welcome message if they haven't been to my site before, etc.

    Furthermore I can restrict traffic for some areas of my site (like some sites that block links from slashdot) for particular reasons or uses. "You just came from the page of an associate and are able to receive a discount." "This page is restricted to users of xyz.com. Please go there first."

    Lastly, it protects my image content. My images are not stellar, and yet other sites continue to use them on their pages. I can use the referrer to limit the damage done by only allowing the images to be referred by pages from my own site.

    Referrer information may be annoying to you, but it's an extrememly useful tool. If taken away one restricts opportunities for the site operator to personalize and protect content on their site. Not a huge loss, but it isn't really as great a privacy issue as you seem to believe.

    -Adam

  11. Backlinking by CaptainSuperBoy · · Score: 5, Insightful

    Backlinking, or posting your referral logs, is doomed to failure and rightly so. It's just a glorified way of making your site into a link farm, with the expectation that your fellow bloggers will do the same. It is serendipitous that this practice is open to 'abuse' although I would never call the abusers spammers. They are just utilizing a method for submitting data that the site owners themselves have provided. I don't see any reason to call this 'spam' since the site owners are inviting users to submit data through HTTP referral headers.

    Also, this quote from the article is ludicrous: "bloggers are not thrilled, even though they ruefully admit that the log spamming may falsely boost their ranking on some search engines."

    There is no search engine that bases your rank on the number of sites that you LINK to. I believe the bloggers actually mean that they're sorry to see their backlinks (read: link farms) go, since those do in fact raise search rankings. What a travesty- Sites may have to rely on the actual quality of their content, rather than trading links!

    Amidst the alarmist cries in the article, "spammers will destroy our practice of posting referral logs," nobody has even mentioned that there is a ridiculously easy technical solution. Before posting a referral link, why not just have your software visit the referring site and detemine if it actually links to your page? This will defeat the referral advertisers.