Offtopic: A script kiddie discovers the ftp: link |
|
|
Saturday, February 23 2008 @ 13:30 CET Contributed by: Dirk |
|
|
I ranted about those stupid script kiddies and their fruitless yet annoying attempts to exploit something that isn't there before. Of course that didn't change a thing - we're still seeing more than 20% of the requests on our webserver being inclusion attempts. A new variation, however, is the use of ftp: links for the inclusion attempt: read more |
|
|
Filed under: Miscellaneous 2 comments (Post a comment) |
|
Using the W3C for spam |
|
|
Saturday, February 16 2008 @ 11:30 CET Contributed by: Dirk |
|
|
Profile spam is an old trick of the spammers. They simply create a profile on a popular forum, stuff it with their spammy links - and leave it sitting there. This usually works quite well since (lists of) profile pages are often linked prominently from the forum's main pages and therefore have a good position in search engines. You don't even have to post anything on the forum to profit from this. This can also be combined with the "abandoned message boards" approach where the spammers leave posts on unused message boards and then spam for those posts. Which in turn point to the spammers real (and valuable) domains. And in this combined "spam for profile pages" tactic, the spammers don't shy away from using prominent sites. I've already seen spam for SETI@home profiles, digg.com profiles, and various other well-known sites. I didn't know you could also do this with pages of the venerable World Wide Web Consortium (W3C), though. But one spammer did just that. read more |
|
|
Filed under: Comment Spam 0 comments (Post a comment) |
|
Offtopic: Damn Bounces! |
|
|
Thursday, February 14 2008 @ 20:35 CET Contributed by: Dirk |
|
|
For the last 2 or 3 days, someone has been sending out spam emails with faked email addresses @project.geeklog.net. Nothing new here, happens all the time, and if you own a domain, it'll happen to you eventually. On my own domains, I simply forward the catchall to a GMail account (hey, finally something to fill up those 6 GB!). On geeklog.net, however, we can't do that for various reasons. And so we're drowning in bounces now. read more |
|
|
Filed under: Miscellaneous 1 comments (Post a comment) |
|
Test spam |
|
|
Tuesday, January 01 2008 @ 15:00 CET Contributed by: Dirk |
|
|
Hmm, somebody's posting test spam again: The content is only the text string kokkk21, accompanied by a link to hgytgfred.com - which isn't even registered at this point (this started 15 hours ago, so it's not a problem with the whois or DNS not being up to date yet). Google returns a few hits on other sites, too. Nothing too obvious in the HTTP headers, but he seems to prefer to spam one particular article on this site. We'll see if anything else comes out of this ... |
|
|
Filed under: Comment Spam 1 comments (Post a comment) |
|
abgood |
|
|
Sunday, December 30 2007 @ 10:15 CET Contributed by: Dirk |
|
|
This has been going on for a few days already: Someone apparently registered a bunch of domain names starting with abgood, followed by another letter and .info as the top level domain. At this moment, he's spamming for various subdomains of abgoodd.info, abgoode.info, and abgoodf.info. There's nothing on the "main" domain (www or no subdomain at all), but if you go to, for example, map-austrialia.abgoodf.info you are being redirected to yet another one of those fake search engine results. Since this is such a nice and unique word, I'd suggest adding "abgood" to your spam filter and forget about it. read more |
|
|
Filed under: Comment Spam 9 comments (Post a comment) |
|