dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
3264

Stop the spam
@bellsouth.net

Stop the spam

Anon

New Spam Retaliation Tool

I cam across this thread this morning. The tool actually helps reduce the spam

»www.wilderssecurity.com/ ··· t=153745

»thecarpcstore.com/phpbb2 ··· hp?t=389

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

Cudni

MVM

Can this be used against a bona fide site?

Cudni

TechyDad
Premium Member
join:2001-07-13
USA

TechyDad to Stop the spam

Premium Member

to Stop the spam
Sounds similar to an idea I had awhile back which I dubbed "Phisher Phakeout." The idea was that you would click on the Phisher links in your e-mail, run this program, and it would fill in the forms will random information. I actually got a database of first names, last names, and cities to use before other things took priority. One of these days I might revive that project.

Fobulous
Premium Member
join:2002-08-14
Missouri City, TX

Fobulous to Stop the spam

Premium Member

to Stop the spam
I downloaded this thing but did not find any programs to run with. just bunch of folders and a few java scripts. Am i suppose to double click on these scripts??

Lex Luthor
Mod
join:2000-09-17
Hicksville, NY

Lex Luthor to TechyDad

Mod

to TechyDad
said by TechyDad:

The idea was that you would click on the Phisher links in your e-mail
Nowadays, isn't that quite dangerous? I was under the impression that not only do these sites host phishing or spam prodcuts, but also are sources for viruses and spyware?

Sure, you might have anti-virus and anti-spyware, but that doesn't mean that you'll go to a site that's ahead of what you have.

I think it's way to risky to go to a spam link in your browser.

TechyDad
Premium Member
join:2001-07-13
USA

TechyDad

Premium Member

Possibly. This (hypothetical) tool definitely wouldn't be for the average user. Another less-than-desirable result could be that the phishing link could be tied to your e-mail address. (To give a simple example, joeshmoe@someisp.com could get a url to phisher.com/index.php?id=7 while janesmith@anotherisp.com might get phisher.com/index.php?id=12.) By loading up the page, you could be confirming to the phisher that your e-mail address is live. So even if you don't fall for their scam, they might compile a list of those live e-mails and sell them to some spammers.

Just one of many reasons why "Phisher Phakeout" isn't high on my priorities list.

Qorum
@uu.net

Qorum to Fobulous

Anon

to Fobulous
Double-click 'kill.html'.

It launches the script from your browser.

Fobulous
Premium Member
join:2002-08-14
Missouri City, TX

1 edit

Fobulous

Premium Member

ah thanks.

too bad the instructions aren't very clear. and i have noscript running.

i guess after the script is run, it just automatically finds "these sites" and submit "orders"???? neat idea but i don't know if this is working or not.

jansson_mark
Markus Jansson
Premium Member
join:2001-08-05
Finland

2 edits

jansson_mark to Stop the spam

Premium Member

to Stop the spam
For me, it refreshes, but even its been running for a while, it still only sayes:"Orders Submitted: 1"... So I dont think its working properly.
Oh, it needs to have cookies enabled on your www-browser. Now it works perfectly.

tempnexus
Premium Member
join:1999-08-11
Boston, MA

1 edit

1 recommendation

tempnexus to Stop the spam

Premium Member

to Stop the spam
all I get is invalid archive.
Ok I got it running on 20 threads...BUT the problem is this:
Your ISP might see you as being infected with a BOT and sending out SPAM so as far as I know, the joke might be ON YOU when YOUR ISP CUTS YOUR CONNECTION OFF.

Blackbird
Built for Speed
Premium Member
join:2005-01-14
Fort Wayne, IN

Blackbird

Premium Member

said by tempnexus:

... Your ISP might see you as being infected with a BOT and sending out SPAM so as far as I know, the joke might be ON YOU when YOUR ISP CUTS YOUR CONNECTION OFF.
Sad, but perhaps true. One could only wish all the ISPs were that observant... then the real spammers would find all their bots and such getting cut off at the knees. But the way it so often works, the "good guys" will be the ones hitting the wall. Sigh...!

tempnexus
Premium Member
join:1999-08-11
Boston, MA

tempnexus

Premium Member

I agree however, I know from personal experience that COMCAST kills the bot machines. I had many customers stop by my shop because Comcast/ATT disconnected their service, stating that they will only reconnect it after they reformat their PC (due to bot infection).

Stop the spam
@bellsouth.net

Stop the spam

Anon

said by tempnexus:

I agree however, I know from personal experience that COMCAST kills the bot machines. I had many customers stop by my shop because Comcast/ATT disconnected their service, stating that they will only reconnect it after they reformat their PC (due to bot infection).
Why would they? This script is filling html forms not spamming by email. To the ISP it looks like legitimate web traffic.
Stop the spam

Stop the spam to Stop the spam

Anon

to Stop the spam
FYI This is not meant for the average home user and of course one is expected to use common sense.

AB57
Premium Member
join:2006-04-04
equatorial

1 recommendation

AB57 to Stop the spam

Premium Member

to Stop the spam
said by Stop the spam :

said by tempnexus:

I agree however, I know from personal experience that COMCAST kills the bot machines. I had many customers stop by my shop because Comcast/ATT disconnected their service, stating that they will only reconnect it after they reformat their PC (due to bot infection).
Why would they? This script is filling html forms not spamming by email. To the ISP it looks like legitimate web traffic.
Anytime you play with fire, there's a chance you could get burned.
DasEnglander
join:2006-11-07

1 recommendation

DasEnglander to Stop the spam

Member

to Stop the spam
hehe...

If you are going to play with something like this then I would suggest you use a virtual machine such as vmware.

As Lex Luthor pointed out above, many of these sites are also host malware and as AV/AS software will always be behind the trend there is a very good chance you will pick up something nasty.

Using vmware you can take a snapshot after you have set up your scripts etc. then if the malware detects the vm and exits, you've won. If it infects the vm, you simply revert to the snapshot and again you've won.

If you do use this method then make sure your host firewall and that of any other machines on your network are properly configured to block all traffic from the vm to prevent them from becoming infected.

If your router has a build-in firewall then this should be configured to block all outgoing traffic from the vm except DNS and HTTP. This will keep your ISP off your back.

And finally, Don't used shared folders or any other kind of network share between the vm and the host or any other machine.
sharpy merc
join:2003-01-28
England

sharpy merc to Stop the spam

Member

to Stop the spam
Can this tool be used against Panda I'm getting so much spam from them.

tempnexus
Premium Member
join:1999-08-11
Boston, MA

tempnexus

Premium Member

I had that happen to me with my yahoo account.
But I had my Material Physical Science newsletter spamming my mailbox because few years ago I gave a nanomaterials presentation on their sponsored symposium.
So every few days I got a news letter and every few days I reported them to yahoo as spam. After about 1.5 years all of their news letters are going directly to spam. Initially I thought that Yahoo just added the spam filter just to my yahoo account. So I create another yahoo name, and sign up for the news letter. Lo and behold every mail from MPS I get, gets funneled to Yahoo spam folder
I single handily added a reputable news letter to spam. (and yes I did try to unsubscribe).

Stop the spam
@bellsouth.net

Stop the spam to sharpy merc

Anon

to sharpy merc
said by sharpy merc:

Can this tool be used against Panda I'm getting so much spam from them.
Don't do it. It will get you into serious legal trouble down the line.