Lycos Anti-Spam Screensaver Brings Down Spam Sites
ChairmanMeow writes "According to BBC News, the screensaver released by Lycos Europe that targets spam websites has been a bit too successful at targeting spam sites, bringing down two sites, with a third responding intermittently, and raising concerns that the screensaver amounts to a DDoS attack against spam sites. Of course, spammers deserve to be punished, but will DDoS attacks against spam websites help to curb the problem of spam?" While the screensaver allegedly throttles back when a site slows, it would seem it's being a bit overzealous.
It's according to Netcraft. Their story is Spam Sites Crippled by Lycos Screensaver DDoS, followed by Lycos Screensaver Site Blocked by Internet Backbones and Lycos Screensaver Site Changed, Now Says "Stay Tuned". F-Secure also says spammers are beginning to fight back by redirecting traffic back to Lycos.
Come on people, primary sources! This isn't elementary school.
"...we don't care about the economics; we just want to be able to hack great stuff."
Last year, Berman tried to pass a copyright measure which would immunize a copyright holder's efforts to stop someone from violating their copyright -- hacking into their system to remove the material, take it off the network, or shut it down.
Fight Spammers!
One of the spam sites, www.moretgage.info, has changed it so it has a meta refresh tag to redirect traffic to Lycos.
Interesting, but I don't think the screensaver actually renders and executes HTML code, it just does a GET, meaning the redirect would do nothing, right?
If it does execute code (which would be a security hole vuln.), then I suggest they just do a GET on www.moretgage.info/fakepage -- which isn't apparently blocked.
The screensaver isn't doing everything though.
All the news sites covering the DOS attack are spreading word of the attack.
They are loading the site themselves because of a link in the news report or a forum comment.
liqbase
Right. Pretty much all of the recent news stories about this got it 100% wrong. In fact, from a sample HTTP request someone posted in one of these Lycos threads here, the screen saver doesn't even request a valid file. It generates a GET or POST intentionally formulated to generate a web server error response. Very clever. Not so clever are all the whiners and speculators who erroneously presume things like the imagined vulnerability of the Lycos tool to HTTP redirection.
Look at the bright side: there's always seppuku.
i'm so confused. isn't this the same lycos that has their sidesearch spyware (http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453078521)?
and if so, isn't this a bit disingenuous to be an anti-spam patriot while perpetuating their own brand of spyware? i mean, really, now.
In theory you need a 302 response, but I have yet to see a browser, or other common HTTP client which doesn't work without it.
I have on the other hand seen badly designed clients which will only accept a 200 response, and reject any other response code.
The parent (to my post) was suggesting that all clients will ignore a location directive unless told to follow it, which is not true.
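The redirect mechanisms argued over in the comments above live at different layers of a response. This is an added example, not part of the thread and not the screensaver's code: it reports which signals a raw HTTP response carries, so an unattended fetcher can decide explicitly which ones it honors. The class and function names, sample responses and `.invalid` hosts are constructed for illustration.

```python
# Added example (not from the thread): which redirect signals does a raw
# HTTP response carry, and at which layer? All sample data is constructed.
from email.parser import BytesParser
from html.parser import HTMLParser

class MetaRefresh(HTMLParser):
    """Records the URL of <meta http-equiv="refresh" content="N; url=...">."""

    def __init__(self):
        super().__init__()
        self.target = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag != "meta" or (a.get("http-equiv") or "").lower() != "refresh":
            return
        _, sep, rest = (a.get("content") or "").partition(";")
        rest = rest.strip()
        if sep and rest.lower().startswith("url="):
            self.target = rest[4:].strip("'\" ")

def redirect_signals(raw: bytes) -> dict:
    """Split a raw response and report header-level and body-level redirects."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, _, header_block = head.partition(b"\r\n")
    status = int(status_line.split()[1])
    headers = BytesParser().parsebytes(header_block + b"\r\n\r\n", headersonly=True)
    location = headers.get("Location")
    is_3xx = 300 <= status < 400
    meta = MetaRefresh()
    meta.feed(body.decode("latin-1"))
    meta.close()
    return {
        "status": status,
        # Seen by any client that follows HTTP redirects.
        "http_redirect": location if is_3xx else None,
        # Location on a non-3xx status: handling is client-dependent, so flag it.
        "location_without_3xx": None if is_3xx else location,
        # Only acted on by clients that parse the HTML body.
        "meta_refresh": meta.target,
    }

# Constructed sample responses; hosts use the reserved .invalid TLD.
META = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
        b'<html><head><meta http-equiv="refresh" '
        b'content="0; url=http://elsewhere.invalid/"></head></html>')
FOUND = b"HTTP/1.1 302 Found\r\nLocation: http://elsewhere.invalid/\r\n\r\n"
ODD = b"HTTP/1.1 200 OK\r\nLocation: http://elsewhere.invalid/\r\n\r\nok"
```

A client that never parses the body only ever sees the first two fields; `meta_refresh` matters only to something that renders HTML.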
It's called Spam Vampire, google it.