"Make love, not spam"....
Techdirt has an article this morning that discusses how Lycos Europe is encouraging their users to run a screensaver that constantly "pings servers suspected to be used by spammers" and also suggests that "In other words, it's a distributed denial of service attack against spammers by Lycos." The Techdirt article referenced is on Heise Online: http://www.heise.de/english/newsticker/news/53697 I'd be curious to hear what NANOG readers thoughts are on this. Techdirt is located at http://www.techdirt.com/ - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net
At 09:39 AM 29/11/2004, Suresh Ramasubramanian wrote:
Fergie (Paul Ferguson) wrote:
I'd be curious to hear what NANOG readers thoughts are on this.
It would be interesting to see how this fares when faced with a whole lot of router acls that got put in to filter out nachi
Although I generally like spamcop (one of the sources for determining spamvertised websites) for use with SpamAssassin in scoring, its not the most conservative list e.g. http://www.spamcop.net/w3m?action=blcheck&ip=198.108.1.41 list Merit as a spam source...) and the accidental listing or potential for abuse could be nasty. What about the case where the spammer gets black listed, traffic starts pounding the rouge site and then the spammer changes the A record to be www.example.com instead. Now all of a sudden www.example.com is being pounded by all those screen savers. ---Mike
On Mon, Nov 29, 2004 at 02:14:01PM +0000, Fergie (Paul Ferguson) wrote:
Techdirt has an article this morning that discusses how Lycos Europe is encouraging their users to run a screensaver that constantly "pings servers suspected to be used by spammers" and also suggests that "In other words, it's a distributed denial of service attack against spammers by Lycos."
Already noted as unbelievably stupid and dissected on Spam-L, but: getting into a bandwidth contest with spammers is a guaranteed loss, as they have an [essentially] infinite amount available to them for free. Apparently Lycos is unaware of zombies (including those hosting web sites), HTTP redirectors, rapidly-updating DNS, throwaway domains, and other facts of life in the spam sewer. ---Rsk
Rich Kulawiec <rsk@gsp.org> wrote:
Already noted as unbelievably stupid and dissected on Spam-L,
I'm inclined to agree...
but: getting into a bandwidth contest with spammers is a guaranteed loss, as they have an [essentially] infinite amount available to them for free. Apparently Lycos is unaware of zombies (including those hosting web sites), HTTP redirectors, rapidly-updating DNS, throwaway domains, and other facts of life in the spam sewer.
... but this screensaver means that Lycos *also* have a botnet available to them. -- The advice given me about Maglites is to hold it out sideways from yourself but at shoulder height, this makes the opponent think you are standing 3 foot to one side of reality. - Rob Adams in the Monastery
In message <cofh1v$f48$1@dopiaza.cabal.org.uk>, Peter Corlett writes:
Rich Kulawiec <rsk@gsp.org> wrote:
Already noted as unbelievably stupid and dissected on Spam-L,
I'm inclined to agree...
but: getting into a bandwidth contest with spammers is a guaranteed loss, as they have an [essentially] infinite amount available to them for free. Apparently Lycos is unaware of zombies (including those hosting web sites), HTTP redirectors, rapidly-updating DNS, throwaway domains, and other facts of life in the spam sewer.
... but this screensaver means that Lycos *also* have a botnet available to them.
Yah -- imagine what happens if Lycos' control machine gets hacked... --Steve Bellovin, http://www.research.att.com/~smb
The point behind the initiative is not to attack the email senders, but the source of money. If the spam websites are never up, then the recipients cannot buy products advertised. Without the sales, there are not finances to support the spamming. If spammers can't make money sending email, then they will find something else profitable to do . . . . like phishing :-) On Mon, 29 Nov 2004 10:52:22 -0500, Rich Kulawiec <rsk@gsp.org> wrote:
On Mon, Nov 29, 2004 at 02:14:01PM +0000, Fergie (Paul Ferguson) wrote:
Techdirt has an article this morning that discusses how Lycos Europe is encouraging their users to run a screensaver that constantly "pings servers suspected to be used by spammers" and also suggests that "In other words, it's a distributed denial of service attack against spammers by Lycos."
Already noted as unbelievably stupid and dissected on Spam-L, but: getting into a bandwidth contest with spammers is a guaranteed loss, as they have an [essentially] infinite amount available to them for free. Apparently Lycos is unaware of zombies (including those hosting web sites), HTTP redirectors, rapidly-updating DNS, throwaway domains, and other facts of life in the spam sewer.
---Rsk
For residential users on cable-modem, the plan will deplete a scarce resource: upstream transmit opportunities. The DOCSIS MAC layer imposes an upper limit on the quantity of upstream transmissions (essentially PPS limitation, unless concatenation is employed, and concatenation is probably moot if standard ping with 1-second minimum transmit intervals is the upstream payload). If the load actually causes a problem in upstream operation, then folks using TCP for downstream service (e.g. surfing) will see their throughput cut. Regardless, the cable companies will probably try to disable this service, so they can avoid the financial impact of improving their infrastructure. They need to conserve the money in order to launch new unsolicited bids for Disney... At 09:14 AM 11/29/2004, you wrote:
Techdirt has an article this morning that discusses how Lycos Europe is encouraging their users to run a screensaver that constantly "pings servers suspected to be used by spammers" and also suggests that "In other words, it's a distributed denial of service attack against spammers by Lycos."
The Techdirt article referenced is on Heise Online:
http://www.heise.de/english/newsticker/news/53697
I'd be curious to hear what NANOG readers thoughts are on this.
Techdirt is located at http://www.techdirt.com/
- ferg
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg@netzero.net or fergdawg@sbcglobal.net
participants (8)
-
abuse@cabal.org.uk
-
Brett McCully
-
Fergie (Paul Ferguson)
-
Mike Tancsa
-
Rich Kulawiec
-
Robert M. Enger
-
Steven M. Bellovin
-
Suresh Ramasubramanian