Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lycos Anti-Spam Screensaver Brings Down Spam Sites

Posted by CowboyNeal on from the online-vigilantes dept.

ChairmanMeow writes "According to BBC News, the screensaver released by Lycos Europe that targets spam websites has been a bit too successful at targeting spam sites, bringing down two sites, with a third responding intermittently, and raising concerns that the screensaver amounts to a DDoS attack against spam sites. Of course, spammers deserve to be punished, but will DDoS attacks against spam websites help to curb the problem of spam?" While the screensaver allegedly throttles back when a site slows, it would seem it's being a bit overzealous.

19 of 715 comments (clear)

  1. Actually... by Anonymous Coward · · Score: 5, Informative

    It's according to Netcraft. Their story is Spam Sites Crippled by Lycos Screensaver DDoS, followed by Lycos Screensaver Site Blocked by Internet Backbones and Lycos Screensaver Site Changed, Now Says "Stay Tuned". F-Secure also says spammers are beginning to fight back by redirecting traffic back to Lycos.

    Come on people, primary sources! This isn't elementary school.

  2. Re:Quick! by pcmanjon · · Score: 2, Informative

    I use to use this screensaver but disabled it, it was conflicting with my audio hardware.

    I voicechat a lot using teamspeak [www.goteamspeak.com]

    Every time the screensaver would activate my microphone to other people would become pure static, blaring out their ears. The only fix would be to quit and re-launch teamspeak.

    I voicechat while doing other things sometimes on teamspeak, and it became an annoyance, so I set my screensaver, once again to 'Blank'

  3. Re:Quick! by shdragon · · Score: 5, Informative
    Ask & ye shall receieve.

    www.bokwhdok.com

    rxmedherbals.info

    blundering.subbvbvf.com

    http://m39.computergearplus.com

    www.artofsense.com

    printmediaprofits.biz

    --
    "...we dont care about the economics; we just want to be able to hack great stuff."
  4. Look, Maw, a Dupe! by Safety+Cap · · Score: 1, Informative

    Way to go, Crackerbarrel

    --
    Yeah, right.
  5. Berman tried that by www.sorehands.com · · Score: 5, Informative

    Last year, Berman tried to pass a copyright measure which would immunize a copyright holder's efforts to stop someone from violating their copyright -- hacking into their system to remove the material, take it off the network, or shut it down.

    --
    Fight Spammers!
  6. Re:Bad? No way. by pcmanjon · · Score: 5, Informative

    One of the spam sites www.moretgage.info has changed it so it has a meta refresh tag to redirect traffic to lycos.

    Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

    If it does execute code, (which would be a security hole vuln.) then I suggest they just do a get on www.moretgage.info/fakepage -- which isn't apparently blocked.

  7. Re:I honestly don't care by the+real+darkskye · · Score: 2, Informative

    Because Lycos Europe claim that they hand check all the websites they select.

    --
    Music is everybody's possession.
    It's only publishers who think that people own it.
    Fuck Beta
    ~John Lenno
  8. Re:Bad? No way. by LiquidCoooled · · Score: 3, Informative

    The screensaver isn't doing everything though.

    All the news sites covering the DOS attack are spreading word of the attack.

    They are loading the site themselves because of a link in the news report or a forum comment.

    --
    liqbase :: faster than paper
  9. Re:Who died and made Lycos vigilante of the Net? by Yaztromo · · Score: 2, Informative
    Hey, I like the idea of punishing spammers, but Lycos is playing a game that's very dangerous. They're doing DOS-attacks (by proxy) on servers, and where I live that's actually a crime.

    On the original website for this tool, you were asked to select your country from a list in order to download the tool. The list was quite limited -- only some European countries were listed.

    I'm guessing this is because Lycos did their research to determine in which countries potential users wouldn't get into trouble if they ran their tool.

    Yaz.

  10. online lynchings by Random_Goblin · · Score: 2, Informative

    Isn't this more like having the entire neighborhood join the neighborhood watch, then post everyone around the perimiter of a pedophile's property?

    the trouble with mobs and vigilanes though is they are not very just, and can't be relied on not to attack the pediatrician by mistake.

    lynchings are generally considered bad things for a reason, and this is what this screensaver amounts to online lynchings.

  11. Re:Bad? No way. by vacuum_tuber · · Score: 5, Informative
    One of the spam sites www.moretgage.info has changed it so it has a meta refresh tag to redirect traffic to lycos. Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?

    Right. Pretty much all of the recent news stories about this got it 100% wrong. In fact, from a sample HTTP request someone posted in one of these Lycos threads here, the screen saver doesn't even request a valid file. It generates a GET or POST intentionally formulated to generate a web server error response. Very clever. Not so clever are all the whiners and speculators who erroneously presume things like the imagened vulnerability of the Lycos tool to HTTP redirection.

    --
    Look at the bright side: there's always seppuku.
  12. Re:Fixed list of sites by The+Ultimate+Fartkno · · Score: 2, Informative

    This is close to what you're looking for. (It's IE only, though.)

  13. doesn't lycos make spyware? by geekbruin · · Score: 3, Informative

    i'm so confused. isn't this the same lycos that has their sidesearch spyware (http://www3.ca.com/securityadvisor/pest/pest.aspx ?id=453078521)? and if so, isn't this a bit disingenuous to be a anti-spam patriot while perpetuating their own brand of spyware? i mean, really, now.

  14. Re:Bad? No way. by oexeo · · Score: 3, Informative

    In theory you need a 302 response, but I have yet to see a browser, or other common HTTP client which doesn't work without it.

    I have on the other hand seen badly designed clients which will only accept a 200 response, and reject any other response code.

    The parent (to my post) was suggesting that all clients will ignore a location directive unless told to follow it, which is not true.

  15. Re:Bad? No way. by pcmanjon · · Score: 2, Informative

    "No you are wrong. If you alter the Location directive to point to a page other than the page requested, *most* clients will follow it."

    Yeah, but this is to hoping the screensaver is a jury-rigged HTTP client that just does a GET request and downloads the content from the server (meaning it doesn't support the full http 1.1

  16. Re:I love spam by Anonymous Coward · · Score: 3, Informative

    It's called Spam Vampire, google it.

  17. Re:Innocent victim? by IgnoramusMaximus · · Score: 2, Informative
    Thank god there was actually a concrete example for all the vigilanti monkeys here screaming for blood so much they don't see that innocent people will get whacked by their activities.

    Err..no. The "art studio" is a prollific and long time spammer. But they do apply the standard Israeli method of operation: when you get caught red-handed, you shed crocodile tears and make big eyes and whine and whine and whine about how you are a victim and the whole world is unjustly against you etc etc. This act is wearing a bit thin.

  18. Re:Bad? No way. by drakaan · · Score: 2, Informative

    Host headers, look 'em up.

    --
    "Murphy was an optimist" - O'Toole's commentary on Murphy's Law
  19. Re:Bad? No way. by vacuum_tuber · · Score: 2, Informative
    Easy fix, point the domain to lycos servers, have them DoS themselves.

    Only if we presume that the Lycos people who crafted this have no brains. More likely, the outline of what they do looks something like this:

    1. Get URL of spamvertized site
    2. Review manually, confirm spamminess
    3. Log IP address, add to target list
    4. Monitor DNS for any change in IP
    5. If IP changes, remove from target list, add to short list to monitor URL's site for return to spamminess
    6. If and when it resolves to a spammy site again, add URL to target list again

    Most of the naysayers have not taken more than a superficial look at what Lycos did, and too many are relying on the uninformed opinions of other posters who have also failed to look closely at it or to think it through.

    The Lycos screen saver is dynamic, not static. It can be given new instructions virtually in real time, including instructions to target nothing or to go into its present dimmed "Stay Tuned" mode.

    --
    Look at the bright side: there's always seppuku.