Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Gigantic-sized Referrer Spam

__/ [John Bokma] on Thursday 13 October 2005 03:20 \__

> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
>> __/ [John Bokma] on Thursday 13 October 2005 01:34 \__
>>> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
> [ referer spam ]
>> counties of shame which I can identify are China, Russia, Singapore,
>> South Korea and Mexico (sorry!) among others.
> Mexico is big, and many computers are in Internet cafes (at least where
> I live), so probably easy to infect, and the owners don't care too much
> (probably clean up once a week using Ghost, or just don't care).

One would imagine.

Client: "Hey dude, why is this computer so slow? It takes me ages to send an
E-mail and my time runs out."

Internet Cafe Owner: "It's lunchtime. Network busy."

Roy (halfway across the globe): "Dammit! The server has got so many tasks

I blame Micro$oft. Code $paghetti.

>> Yes, your word on zombies was the first thing that sprung to my mind.
>> They get more and more of these each day.
> 2 days ago 3 people got arrested in the Netherlands. They had a bot net
> of 100,000 infected computers. And contrary to the news, that one is
> just a small one :-(

Yes, I read about it in several feeds. It hit some big headlines in
mainstream media.

>>>> Have
>>>> you got any tricks up your sleeves? I know some tools that combat
>>>> this, but they need console access if not root access too.
>>> check the referer and -F if it's a known uri.
>> It's quite diverse as I said.
> But maybe there is a pattern, like they have sex, viagra, or something
> like that in it?

The referral URL's are mainly from Tonga, but there are dozens of these blue
chip Web sites.

>> It's only a matter of time until the
>> spammers find a workaround, in which case the work was all in vain. I
>> can't figure out why somebody would want to waste so much bandwidth
>> attacking a site like mine for weeks.
> Some sites publish referers. If the site has a good PageRank, they get a
> link back. Also, there are always people checking the referer, and
> presto, a visitor.

Yes, I know. In this case, I think it's intended to vandalise though.

>> There is no financial incentive
>> for the spammers, right? I dread the day of gigabit Ethernet in places
>> like HK. Imagine youself the same sort of attack on hosts in east
>> Europe, for example, as opposed to London.
> Doesn't matter. Nowadays you just infect thousands and thousands of
> computers. Like my Mexico example, I think people who own a computer are
> (just a very little) bit more careful.

So my site survival now depends on people's willingness to get their s***
together and use anti-malware or drop the worst O/S on this planet... ain't
gonna happen any time soon, right?


Roy S. Schestowitz      | "Black holes are where God is divided by zero"
http://Schestowitz.com  |    SuSE Linux    |     PGP-Key: 74572E8E
  3:50am  up 48 days 16:04,  3 users,  load average: 0.23, 0.31, 0.41
      http://iuron.com - next generation of search paradigms

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index