Slashdot Mirror
Lycos Declares War on Spam Servers
Psychotext writes "The Register have posted a story about a new screensaver from Lycos that targets known spam servers (taken from spamcop and verified by hand) with traffic in order to raise their bandwidth costs and hopefully price them out of the game. Lycos state that this is not a DDOS as Lycos monitors the site's responsiveness and throttles back when the site starts to falter. The screensaver is available here for Mac OSX, Mac OS9 and Windows, though you might need to lie about what country you are from." Reader JohnGrahamCumming writes "As part of preparing for the MIT Spam Conference I've put together a survey on what people are experiencing out there with spam, what they are doing about and followed it up with a test of different views of an inbox filled with spam and ham. You can take the test and be part of the survey results in January."
This is Lycos Europe, not lycos.com, two totally different companies that shares nothing but the name and the logo.
Well, to be perfectly honest, people trying to blacklist specific dynamic IPs (or even small ranges of them) are just showing their ignorance of how the net works.
Part of verifying IPs as spam sites should include the obvious; checking to make sure it's not an IP in some ISP's dynamic IP pool.
This type of checking is already implemented by some ISPs when deciding if email should be accepted or not by their mail server. (My boss set up a small mail server on his Charter cable connection, for example. Charter, instead of issuing him a true static IP, decided to give him a "fixed dynamic IP". Basically, they just punched his network card's MAC address into their DHCP server and told it to always issue him the same IP out of their dynamic pool.) This causes his mail server to be unable to handle emails destined for AOL, because they know his IP is in a dynamic range for Charter.
Sometimes, I've seen my own dynamic IP come up as blacklisted on services, but a closer inspection typically shows they just blacklisted the whole ISP, or at least their whole pool of dynamic addresses. These types of bans are usually temporary measures put in place because they're having problems coming from somebody on that ISP and they can't afford to wait around until that ISP co-operates with them to track down the individual doing it.
Not a hoax,. It wasn't really Lycos idea from the start it was a Swedish ISP called 'Spray'.
But it looks like Lycos and Spray is teaming up now.
Don't be silly. If someone leaves themselves logged in, you put goatse in their startup.
Santa's suicide mission go!
I'm not sure which spam gang does this at the moment, but Empire Towers would be the best bet. (They use tricks like asymetric routing to spoof the source of a TCP connection. They can make it look like a huge amount of spam is coming from a dial-up connection on an ISP with outgoing port 25 blocked. ;^)
One line blog. I hear that they're called Twitters now.
Not all spammers get $$ by people buying somthing from them. Sometimes the site linked to in the email has a referer in it and leads to some site other than the e-mailer's and they get paid based onthat reffer id being assosiated with a particular non-acredited mortage loan for penis enlargement pills.
There are other ways they make money, and some is just random guessing to find valid emails (via various mechanism) for re-sale to other spammers.
I'd swear some of this spam is pure bs to entertain the spammer who could care less about making $$ than simply seeing how many people he piss off with idiot e-mails and chain letters(AOL in conjuction with microsoft and the fda are tracking this e-mail, send it to 183 close friends in the next 27.34 minutes or we kill a kitten and you'll come down with warts!).
Mycroft
https://signup.leagueoflegends.com/?ref=4c3ed6600b6ea
Umm.. "/me" is a command for IRC. It's not related to HTML at all.
The spammer's DNS will never come into it. All the screen saver has to do is to send a request directly to the spammer's IP address. No lookup, no DNS.
The race isn't always to the swift... but that's the way to bet!
A company that brands a product "Lycos Sidesearch" that Ad Aware finds as spyware isn't going to get me to install their screensaver; I don't care how long the name has been a brand on the Internet.
Do not look into laser with remaining eye.
Linky to your 5-15% stats?
This comment is guaranteed*
*not guaranteed
Asymetric routing, like all spammer tricks, involves cheating. All your packets (including TCP handshake packets) do go to the proper IP address on some DSL or dialup line. However, once they get there, they get relayed to a box connected to the spammer's fat pipe. The reply (a large web page or spamming attempt) goes out the fat pipe with the forged DSL IP address and proper sequence information, and naturally spammy's provider doesn't do egress filtering.
That way you can seem to get a huge amount of data from some dinky connection, even though the ISP has blocked outgoing packets from that port. If the dinky connection only sees the TCP handshakes and HTTP requests, that's not much traffic. (And spammy has bunches of them.) How the relay for the dialup to the fat pipe happens might be tricky, or it might be a dialup connection from the same box that has the fat pipe. I dunno.
Think about it a while if this doesn't make sense. I didn't really believe it either until I saw a web server on a dialup delivering data at Ludicrous Speed.
One line blog. I hear that they're called Twitters now.
This was my first reaction too. I downloaded the s/w to analyse it, the MacOS-X version is not a standard bundle, just a carbonised ppc executable. /Users/john/Library/SWF Desktop/SWF Desktop.app ?? .biz .ezybrzy africa bigger lonely & buyherb
strings reveals some blowfish setups, in a screensaver?
some filecopywithcompression, which might be just sloppy compilation...
chmod 777 hmmm,
and buried in one section of binary Shakespeare's monkeys have inserted amongst the other bits & bytes
Anybody with a sandpit network like to see what comes out of a machine running this thing?
If you control the host of the IP you're spoofing from, then you know the sequence numbers and can generate valid ones from your spoofing host.
The real problem here is that responsible network admins need to egress filter their networks to stop spoofing. This would solve a lot of problems internet wide. Sadly, it takes valuable router horsepower.
--
lds
No. Here's a coherent explaination (with ASCII arrows even) of it by someone else. I'm not sure there is a fix except enforced egress filtering. (Enforced how and by whom, got me.)
One line blog. I hear that they're called Twitters now.
I made a small dump and let it run for a little while before I quit it. http://students.depaul.edu/~bengert/dump.zip
A properly pirated MS OS is just as easy to upgrade as a paid for version.
Hmm, ever heard of something called Internet Relay Chat?
/me command is quite popular, as it creates a special type of 'action' command.
the
if I were to type in '/me ducks for cover' into a IRC session, it would show on the screen something like this
AC: blah blah blah blah
NeuroKoan: bleh blah bleh blah
AC: hahahahaha
NeuroKoan ducks for cover
AC: lol
"However," replied the universe, "The fact has not created in me A sense of obligation."
This whole idea was published on the Swedish website Spray.se (A swedish ISP/Free email/Portal) about a month or so ago here:
http://makelovenotspam.spray.se/
Spray is in turn owned by Lycos, which explains both the development of the screensaver (in Sweden as per your info) and it's propagation through Lycos via Spray...
Question? You mean "What, of use to a Westerner, could they offer to counter that?", where "that" is spam, presumably? Your "atttitude is based on facts"? Such as "TONS of spam comes from them"? Okay,if you block every continent that produces spam, you're left with an Internet comprising Antarctica. I repeat: America generates most of the world's spam. (I'll refer you to ROKSO if you want to dispute that.) What can YOU offer to counter that?
What is yours based on, besides a martyr complex?
Being a martyr requires being a willing victim. I've just been messed up by simplistic xenophobic American policies, like those so eleoquently advanced by yourself. Unfortunately there's a lot of that around these days.
100 X 3.4 = 34?????
Go back to elementary school, the correct answer is 340.
This is an interesting statistic. Do you have a source for it?
Guardian Unlimited: Mail out of order:"Boca Raton in Florida is...the spam capital of the world....There are really only 150 spammers doing 90% of all the spam we get in the US and Europe... at least 40 of them are in Boca Raton."
Also see ROKSO.
>but none of the images load on that site
;)
That's the aim of this site! The images are hotlinked from (dead) fake banks
Try the Lad Vampire at http://www.aa419.org/ladvampire.html !
It is successfully attacking criminal fake banks & fraudulent lotteries - 24 hours / 7 days a week.
Nonsense. This has nothing to do with mail lists mail servers or anything that would affect legitimate email. RTFA.
(x) Users of email will not put up with itAre you really this stupid or do you spend so much time being so full of yourself that you can't RFTA?
(x) The police will not put up with itHahahahahahahaha! You're so funny!
(x) Anyone could anonymously destroy anyone else's career or businessOK, now you're seriously flirting with brain death. The Lycos tool doesn't provide "anyone" with anything they can't already do. It just makes it very convenient for clueless nonprogrammers and boxes them off from any control over the spamvertized websites burdened with extra traffic.
(x) Laws expressly prohibiting it [well, we'll find out if this is illegal once Ralsky et al. sue]Spammers would be well advised not to show themselves anywhere. There's no telling what crazed mobs of over-spammed Internet users might do to them.
(x) Extreme profitability of spam [providing Ralsky et al. with enough funds to make the court case long and bloody]You really are clueless. Spammers and spamvertized websites are on the verge of being declared outside the protection of the law, and they operate on very thin margins regardless of some of the reported big bucks some of them have made. This is going to gut them like the rotten fish they are.
(x) Inethicality of slowing the entire Internet down, when a handful of spammers are responsible for 99% of our spamIf you try really hard you might be able to pull your empty head out of your overfull asshole. This won't slow the Internet an iota but it will substantially increase the costs of the spamvertized sites. You know, the folks who fund all the spamming. How many spammers there may be is entirely irrelevant.
(x) Blacklists suckThis does not involve a blacklist, moron.
(x) Countermeasures should not involve sabotage of public networksYou have no clue whatsoever about the capacities and resilience of the public Internet.
(x) Why should we have to trust you and your servers?Propose something better, fuckwit. Until then, 27,000+ of us are hammering spamvertized websites, increasing their costs. That's up from about 9,000 yesterday, BTW.
(x) Killing them that way is not slow and painful enoughThis is the only thing you got right. But this way will do for the time being.
(x) Sorry dude, but I don't think it would work.That's because you can't think. Cheer up... as usual, others are willing and able to do your thinking for you.