[SA-exim] teergrubing

Tony Earnshaw tonni at billy.demon.nl
Thu Aug 21 22:21:24 PDT 2003


jvanasco at mastersofbranding.com wrote:

>>> anyone have info on the machines that spammers host their 
>>> shopping carts on though?
>>
>> Let me guess :o) You want to become a spammer and want to set up a 
>> shopping cart site. You want info from us all over the hardware on 
>> which to set that up.
> 
> Totally.  I want to spam you, your mom, and your mother's religion.

I use SpamAssassin. My mother's been dead for many years.

> If spammers are mailing their shit from hacked machines, it makes me 
> think that *possibly* they are hosting their shopping cart sites on 
> hacked machines too.

Point is, that those machines are not hacked. Or very few of them. They 
don't have to be. Those machines have been configured by people 
(sysadmins, ordinary people who bought a machine at the computer store, 
you name it) who have no idea. There are millions of such machines on 
the Internet. They are badly configured MTAs, http proxies (Windows of 
all kinds, Apache), socks5 proxies and even other server types.

> If that is a high probability, I don't want to up the bandwidth of 
> people too dumb to configure a server securely.  If most spammers sell 
> their wares off of their own websites though -- I have no problems with 
> the idea of upping their bandwidth bills.

They're fly-by-nights, most of them at any rate. Today they are one 
place, tomorrow another. If a new one comes in their place, who cares? 
You do an (illegal) DoS attack on one site one day, tomorrow it's 
someone else's property and legal. And how would you mount a DoS attack 
anyway, technically?

> Their business model depends on low overhead.  They count on nearly 
> every person they spam trashing the message.  But what if every person 
> they spammed visited their website?  Multiple times?  Bandwidth is cheap 

You have to be joking. Though it's possible - 
www.ilovetheirakiminiinformationminister.com was forced to its knees for 
a few days, through everybody visiting it. Not any more though. Ganging 
up on some temporary Viagra or penis growth site isn't going to work. 
Unless you invent some new trojan to bomb them with. Odds are I'll be 
reading about you in SANS or somewhere, if you try, though.

Tony

-- 
Tony Earnshaw

Looking backwards is always easy with hindsight

http://www.billy.demon.nl
Mail: tonni at billy.demon.nl



