WLANs As Spam Conduit
Saint Aardvark writes "According to this article, a honeypot was recently set up on two wireless LANs. 25% of the connections observed were deliberate, and 71% of those were to send spam. Even more reason to take care of your ether." These statistics should be taken with a salt lick...
...public vigilante executions of spammers? Kinda like a citizen's arrest, but more permanent. Just a thought.
Block all ports except 80 if you have to... just don't take away my free access!
These statistics should be taken with a salt lick...
Does spam go well with tequila?
my other penis is a vagina
Spam and telemarketing calls to a person's cell phone (or any system where the person that is being called has to pay for the call) is currently illegal in the states under telecommunications act of 1989. It's the same act that allows us to ask to be put on a company's not calling list and sue if they call back. Do a google for it. Some cool ways to protect yourself using the law.
No.
what about the other 4%... was that accidental?
Wait, so this company, "Z/Yen," has determined that 71% of malicious connections to wireless networks are used for sending spam, and they've done so on the strength of setting up a grand total of two WiFi hotspots in one unspecified city (which I assume to be London, because that's where they're located) for an unspecified time span...and this leads to conclusive results? That's just stupid.
In other news, based on my survey of my apartment, 75% of people are running Mac OS X, and 25% are running Linux.
-Waldo Jaquith
Umm... First, this means that 75% of the connections were not intentional? Is this the equivalent of 75 people saying they're sorry for stepping on your toes, while 25 people did it on purpose?
Second, define "emails". Is that 10? 10,000?
This seems a bit alarmist.
Feh.
Even leaving port 80 open isn't safe due to the Form_Mail.pl security issue that is plaguing web servers all over and dumping spam into a mail spool near you.
There's no problem with keeping port 80 open. It's running an unsecured web-based non-authenticated mail relay that's the problem.
-Waldo Jaquith
So let me get this straight. As opposed to just sitting in the apartments or offices or whatever, spammers are now riding around major urban areas trying to find insecure wireless networks? This, to me, would seem to be a tremendous waste of time.
I'll admit, I don't understand why people spam; but the economics of such a thing simply don't seem practical. The 25% would seem to be about right to me, but that 18% of the total was just for spam, just doesn't seem to add up.
Then again, as Mark Twain said, "There are three kinds of lies: lies, damned lies and statistics."
You're only as smart as your brain.
The summary misquotes the article here. 71% of the connections sent email - not necessarily spam email. I am surprised the figure wasn't higher.
Anyway it is hardly groundbreaking news that you have to secure wireless internet connections.
It's easy for the home and business admin to secure his/her AP. But how do public access places like airports and StarBucks counter drive by spamming?
Any ideas?
Remember folks, there are surly looking spammers driving through your suburban neighborhood right now just looking to abuse your DSL connection through your unsecured access point to send spam.
So if your router gives out a DHCP address in the middle of the night, run outside in your pajamas with a baseball bat. There are spammers you need to teach a lesson.
The Internet is generally stupid
I just received in e-mail..
1) Sue for "Cable Theft" (if cable ISP)
2) Sue for "Denial of Service Attack" (since the intent of spam is to fill up your mailbox, causing you to give up real e-mails.)
3) Sue for "Espionage" if you both received a 'viagra' spamvertisement and the e-mail says it's not commercial spam, because if it's non-commercial, they were watching you through a window and wanted to notify you of viagra!
4) Is the spam for an ergonomic peripheral, like mouse or keyboard or computer chair? Or maybe, the company offers you pills to decrease your hormones? In either case, this means they think you might have repetitive stress syndrome from using your... tool. This is either "Espionage" (they saw it), or "Intent of Deliberate Harm" (they e-mail you so much shit, they KNOW you are guaranteed to have RSS in your wrists....)
5) ???
6) Profit
The study, as presented is useless except to divide people. They might have just as well said that the internet itself was evil for enabling spam. I can say the same thing about materials used to make billboards. The RSA says, "Don't share, people." Great!
Friends don't help friends install M$ junk.
I mean, I'm sure most people living near me wouldn't mind downloading pr0n with my connection, but sending spam? Even if they had said hacking I would consider that a stretch. It's not like every kiddy is a script kiddy.
Manipulate the moderator system! Mod someone as "overrated" today.
The finding doesn't surprise me much. As far as I'm concerned, a wireless lan should be considered at least as dangerous as your internet connection, and should be firewalled appropriately. What makes them more dangerous is that it's like having your users sit in your DMZ.. their laptops with wireless cards can be wide open and they don't have a clue. I guess it's just like when those users use a dialup modem account without a firewall, but because they're often connected to the corporate network via a vpn etc, they believe they are somehow more secure. They might well have an ipsec or mppe vpn active, but that doesn't usually stop windows from listening on ports 137/138/445. And how many windows users do you really think are going to run a 'personal' firewall and/or understand what they've got themselves into by going wireless?
my 'Inbox' at work is about 10% legitimate e-mail...
60% legitimate mail? To me that's like heaven...
5468652047616D65
This is showing spammers are intelligent and learning. That can't be right can it? :)
Rus
I've read repeatedly that some percentage of all email is spam. I think the number that usually gets thrown around is 40%.
;-)
Well that sure as hell isn't my inbox. I'm lucky if one in twenty messages is NOT spam.
I really should get some friends though...
I'd rather be a conservative nutjob than a liberal with no nuts and no job.
My hotmail account on the other hand...
The PATRIOT act is used to define SPAM as terrorism.
I hope so... If we start hunting down spammers with the same tenacity as if they were terrorists... we'd all be better off.
I'd rather be a conservative nutjob than a liberal with no nuts and no job.
I've had an access point with public access set up in the middle of a major city for several years now, and have never seen a SINGLE spam attempt. As much as I hate spammers, I think this 'warning' is just hype.
Wireless spam? I'm thinking that's not necessarily such a bad thing. (1) wireless broadcasting objects are locatable in 3D using the proper detection tools (2) a wireless enabled laptop is deliberately radio-permeable and structured so as to pick up radio energy.
Solution: directional high powered radio emitters on the 802.11b wavelength. Target the suckas and zap the bejeezus out of 'em.
Mmmm, fried spam.
For a class I took, a professor set up a temporary mail server that we needed to use for an assignment. He of course took precautions, making sure mail was only routed to a certain domain.
But within 48 hours, the mail server was found by spammers!
He even had a great idea for anti-spam software/blocking. Set up these honeypots in different geographical locations, but don't publish the addresses; let the spammers find them. Have them accept mail as if they would route it, but do not actually send it out. We can assume any e-mails received are spam. Make a collection of spam e-mails, and have filters block out mail that closely matches all the mails the honeypots have received.
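An added illustration of the filtering idea in the comment above (not part of the original post or thread): mail captured by a relay honeypot is reduced to word shingles, and incoming mail is flagged when its Jaccard similarity to any capture crosses a threshold. The `HoneypotFilter` class, the threshold of 0.5 and all sample messages are hypothetical, constructed for this example.

```python
import re

# Constructed sample of mail a relay honeypot might have accepted (never delivered).
HONEYPOT_MAIL = [
    "Lose weight fast with our miracle pills, order today and save fifty percent",
    "Refinance your mortgage now at the lowest rates, no credit check required",
]

def shingles(text, k=3):
    """Set of k-word shingles from a lower-cased, punctuation-stripped body."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    if len(words) < k:
        return {" ".join(words)} if words else set()
    return {" ".join(words[i:i + k]) for i in range(len(words) - k + 1)}

def jaccard(a, b):
    """Overlap of two shingle sets: 0.0 (disjoint) to 1.0 (identical)."""
    return len(a & b) / len(a | b) if a and b else 0.0

class HoneypotFilter:
    """Hypothetical filter: flags mail that closely matches honeypot captures."""

    def __init__(self, threshold=0.5, k=3):
        self.threshold = threshold  # higher = fewer false positives, more misses
        self.k = k
        self.corpus = []

    def learn(self, body):
        self.corpus.append(shingles(body, self.k))

    def score(self, body):
        s = shingles(body, self.k)
        return max((jaccard(s, c) for c in self.corpus), default=0.0)

    def is_spam(self, body):
        return self.score(body) >= self.threshold

def build_filter():
    f = HoneypotFilter()
    for body in HONEYPOT_MAIL:
        f.learn(body)
    return f

if __name__ == "__main__":
    f = build_filter()
    variant = "Hi Bob! Lose weight fast with our miracle pills, order today and save sixty percent"
    legit = "Bob, the meeting about mortgage paperwork moved to Tuesday, see you there"
    for body in (variant, legit):
        print(f"{f.score(body):.2f} spam={f.is_spam(body)} {body[:40]!r}")
```

The personalised greeting and the changed discount in the variant lower the score without dropping it below the threshold, which is the "closely matches" behaviour the comment asks for.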
It didn't clearly state whether they checked if the unauthorized connections were actually sending bulk e-mail (spam), or just normal users using the open net connection to send out their e-mail. I could see people writing e-mails and saving them for when they happen by an open wlan.
Do any e-mail programs automatically send out pending messages as soon as a network connection is detected?
Step 1: Purchase private island
Step 2: Make private island autonomous country
Step 3: Cover island with free Wifi
Step 4: Implement secret anti-spam laws with Singapore-style penalties
Step 5: Wait for spammers to come
Ok, I admit it, I do tend to go out front of other's places and use their wireless connections. And yes, most of the time it's for email. But you have to realize that just because you're sending out a dozen or so emails, it doesn't mean that it's spam. I like to use my email client in offline mode, and so I kind of "save up" the emails to send later, and then send them all at once. It's not spam, it's just communication.
The article doesn't say they were spamming, it just says they were sending mail, then starts ranting about spam. Of course they were sending mail - that's one of the big reasons that people want to use wireless, along with receiving their email and web surfing.
Bill Stewart
> Block all ports except 80 if you have to... just don't take away my free access!
I would if I could. I wouldn't mind sharing some of my connection with the people in my neighborhood, but security and just the nature of tcp/ip to go as fast as it can means it just ain't gonna happen. Nor am I willing to set up more network equipment, VPN, etc.
I'd love to see a built in DMZ with port 80 open and bandwidth throttling if I choose to share. Heck, this would probably solve half your security issues right there. Inept users would have a working link (just web/webmail) and a much more secure home network if they didn't bother to read the instructions and just plugged the thing in. Techies and free information types would have an easy way to share access to strangers.
I live two doors away from a coffeeshop and with a second AP placed strategically near the window I should be able to get on the net from there.
It would be nice if the next Linksys or whomever's firmware update had a "share a fraction of your connection for web users" option.
A good linux sysadmin could set up a multihomed Linux server between his AP(s) and broadband and use NoCat authentication to block this sort of thing, while allowing surfing (or whatever else).
Spammers taking time to wander around war riding?
Get real, they don't waste their time like that. They send out a billion spams on a high speed cable line then go golfing (or whatever).
I have Mac Stumbler running on my laptop and it pings me whenever I drive past a hotspot. Sometimes the hotspot will be named "public" or "public hotspot" even. (Saw a few of these in Tempe, Arizona. Was pretty amazed, and grateful).
So if you're running one, I thank you.
In the honeypot test, the first unauthorised connection to the WLANs was made in just over two-and-a-half hours.
There was a TV show in the UK that recently did something similar to this with bike theft. They left an unlocked bicycle on the high street of a northern town and set up hidden cameras to watch. Somebody nicked the bike within 30 seconds of the owner walking away. I guess spammers are a bit slower than your average criminal.
for someone who loves the idea of free(er) public networks via wireless this is a stick in the throat :/
a minority ruins for the majority once again.
can't we get rid of open email and just use private acl's?
this is what I'm going to go for my next account.
How can we as a society have our cake and eat it too in regards to public wireless networks? The answer is simple... Allow people to shoot spammers on sight. No longer would being a repo man be the most dangerous line of work. =]
On a more serious note, spammers using these open wireless networks to send spam kind of negates the whole black list mail server thing, doesn't it?
Both forced entries onto the wireless network I administer were for the purpose of sending spam email. The distance between the two incidents was 27 miles away from one another--the emails were for different "products and/or services," so the assumption is that it was two different spammers.
Are spammers looking for open WLANs? Yes. And if they're not open, some are even attempting to find another way onto the network:
Personally, I'd never thought anyone would go to the lengths of MAC Address Spoofing, AirSnorting the WEP key, and launching a man-in-the-middle attack to get user authentication information.
(Anonymous to protect my organization's identity.)
People like you are balanced out by people like me. I use "Contact Me" forms on my website rather than my e-mail address, I don't give out my real address, and I use a throw-away address for mailing lists and a free e-mail address (Softhome, Yahoo, etc.) for submitting to forms on the web where I have no choice.
Only recently, and only through negligence on my part (posted to a couple mailing lists with my real address) have I ever received SPAM to a production e-mail address. I think I'm up to a total of ten SPAMs in the past decade.
Of course, if you use a free web based e-mail provider, all bets are off. Those seem to get SPAMmed like there's no tomorrow. My little brother got a Hotmail account comprised of seemingly random letters and numbers (it was like "cewlgy007"; phonetically "Cool Guy Double-Oh-Seven") and was receiving pornography SPAM within two weeks. By about a week later, his INBOX was so crammed with the stuff the account became useless.
Mail servers / filters often keep stats, so the filters from major ISPs are analyzed and the stats likely extrapolated from there. I'm no statistician so I won't elaborate, but that's my best guess.
Now then, back to the topic ...
The article is FUD. The headline is a scare tactic, the stats are garbage, and the conclusions only ring true based on empirical evidence. Yes, wide-open WLANs are used for malicious purposes every day. A simple DC converter, my laptop, and my bland million-just-like-it Cavalier becomes a DDoS/SPAM/H4x0r staging ground. I could drive the streets of Toronto (hey - traffic jam - more time!) all day long attacking people all over the world from a different address every time. Get a couple friends in on it and we've got ourselves a party!
The solution is for companies implementing WLANs to at least enable WEP. People aren't going to sit and run down their car battery (and expensive gas) waiting to crack a WEP key when they can find an easier target down the road. Coffee shops and the like that allow open WLANs should restrict traffic by port and proxy all traffic - with filters imposed.
People should also tell their Congress-Critters that war drivers who publicize open WLANs are NOT TERRORISTS! These people are helping by raising awareness of open access to the Internet, intentionally or otherwise. People just have to learn to pay the hell attention and do something about it. I mean, seriously, someone comes along and tells you that you have an easily correctable hole in your network that could be used maliciously and cost you thousands (millions?) of dollars - and you want to throw THEM in prison? Get real!
Anyways, this article doesn't seem terribly worth further discourse, so colour me outta here ...
BD Phone Home!
Shameless plug. Like you weren't expecting it.
If I get even one false positive, it means I have to manually wade through the 35 SPAM (actual count today) messages I got today, just in case one was a false positive. In effect the spam matching effort is wasted because I still have to look at all the spam. I want spam elimination software to get rid of the spam so I can go on with my life without paying attention to it. When I have to pay attention to it at all, that means that the software is worthless.
False negatives are not as bad. If I can get rid of all the breast enhancement ads (without losing the gossip about some aunt who got enhancements) my life would be better. But if there is a false match what is the point?
Email is a tool. I get messages every day that I need to read. Most people don't call me, and I used to encourage that as I would prefer to communicate over email. (almost as fast as a phone, but there is a chance to take those stupid things I tend to say back) Spam has made email nearly useless for general communication though.