Author Topic: if you wanted to... (Read 311 times)

rabbidrabbit · « **on:** December 28, 2006, 09:25:29 AM »

Say you have a clean email account that gets no spam until one day.. it starts coming in. Say you wanted to recipricate the love by setting up your laptop behind a IP anonimizer and send the fine hero a few million emails in response or a simple page get a few million times in a day to help out with their bandwidth bill. What tools would you use? I guess I could script something but I'm sure there are a few email bombs or flooders out there. Any experience along those lines?

Nilsen · « **Reply #1 on:** December 28, 2006, 09:30:12 AM »

there are enough emails flooding the net so why be part of the problem?

rabbidrabbit · « **Reply #2 on:** December 28, 2006, 09:33:25 AM »

I'm not talking about sending spam. I'm talking about costing someone who is doing it.

Maverick · « **Reply #3 on:** December 28, 2006, 11:33:13 AM »

Quite frankly what you proposed is just as bad as the spam you are already getting. That would make you as much a part of the problem as they are. Besides, what makes you think that e-mail address will still be valid by the time you get around to spamming them? Chances are they'll just drop the account (if it's not closed by the ISP already) or they also are using an anomomizer just like you. They may also be using a trojan so someone elses computer is sending all the crap. Bashing them does nothing to the person really responsible for the trash.

MrRiplEy[H] · « **Reply #4 on:** December 28, 2006, 11:41:56 AM »

Yeah report the e-mails to your local law enforcement, the FBI is probably already tracking the guy.

Skuzzy · « **Reply #5 on:** December 28, 2006, 12:18:02 PM »

First and foremost.

How do you know what the email address of the spammer is? You can't. The return address will be spoofed. So you could end up sending a legitimate person a flood of garbage, which just might make him or her, place a call to the FBI.

How do you know what IP address the email came from? Again, the IP address in the email header you get will most probably be spoofed. Only your ISP (or anyone who has access to the mail server logs) can actually get the real IP address the email came from. Even if the IP address is legitimate, it will probably be through an open-relay server.

Bottomline: You cannot do anything with any assurance the person you hope to inflict pain upon is the right person. So, send the emails to your ISP, and include the complete email header. Even though it contains a lot of bogus information, it gives them a way to find the log entry on thier server. Without the email header, they will just delete the complaint.

Ball · « **Reply #6 on:** December 28, 2006, 01:01:25 PM »

Quote

Originally posted by Skuzzy
So you could end up sending a legitimate person a flood of garbage, which just might make him or her, place a call to the FBI.

Yeah. If you want to get him back rabbid, the correct email to spam is: support@hitechcreations.com

rabbidrabbit · « **Reply #7 on:** December 28, 2006, 05:49:45 PM »

Its my mail server so I know the sending servers.

I also know the sites they are sending me to in the links. I'll bet you that since they are the sites being advertised they very much know how the traffic is being driven.

Call the FBI? Unless I'm really missing something I'll bet you any amount of money that they get a good laugh whenever someone gives them a jingle to complain about spam.

I just want to do my part to end spam.

dmf · « **Reply #8 on:** December 28, 2006, 05:59:15 PM »

I replied to one of those emails once, and the mailer demon sent it back to me saying there was no such address, I even went to the website that the email said it was from , still no such address. I just set my email client to automatically mark junk mail a spam and delete it automatically.

Skuzzy · « **Reply #9 on:** December 29, 2006, 07:39:48 AM »

Quote

Originally posted by rabbidrabbit
Its my mail server so I know the sending servers.

I also know the sites they are sending me to in the links. I'll bet you that since they are the sites being advertised they very much know how the traffic is being driven.

Call the FBI? Unless I'm really missing something I'll bet you any amount of money that they get a good laugh whenever someone gives them a jingle to complain about spam.

I just want to do my part to end spam.

Ok, you are armed with the sending servers, which are more than likely simply open-relay servers. Contact the owners of said servers and let them know they have an open-relay.

If you are running your own server, you can also simply block any email from those offending servers as well. Kick back an error message stating, "Your server has been blocked due to either being an open-relay for spammers, or knowingly allowing spammers to use it."

And yes, it is illegal to knowingly attack someone or a server over the Internet in a manner which creates a DOS (denial of service), which is what you were considering in your original post.

Again, you have no idea who actually sent the emails. Even if they had an email address, it was probably a freebie email address which they would ignore anyway. More than likely the email address is just bogus.

Spammers depend on people to click on the links they send. They do not want to get an email back, unless they are phishing for addresses. A response simply means the address they sent to is valid and they will add it to thier lists, which they sell later to other spammers.

eagl · « **Reply #10 on:** December 29, 2006, 07:59:21 AM »

A simple trick I used to use to see if the spam source is a hacked "bot", ie. the compromised computer owned by some sucker, is to try to connect to it using simple windows file sharing. It's simple:

file://theipaddresshere/c$

There are other ways to access the admin shares, but if this one doesn't work then it's unlikely the others will either. If it's password protected, there are plenty of trivial dictionary attacks out there that can try a few thousand "typical" username/password combos.

If you can get in, chances are it's a hacked computer because no self-respecting "real" hacker or spammer will leave file sharing open.

Before this sort of thing was raised to a felony offense, I used to do a virus scan and run ad-aware on their shared drive (which took freaking forever because of the terribly inefficient file sharing protocols) and clean out anything I found. Then I'd switch their windows desktop background to a bmp file with big red text "your computer has been hacked - turn off file and print sharing, get a firewall, and run anti-virus software!". If they had a shared printer, I'd send the same bmp to their printer. Sometimes to be extra goofy if they were running win98, I'd turn echo on in their autoexec.bat, echo the same text message to their screen, and enter a "pause" command which would force them to hit enter to continue to boot.

I suppose I had too much time on my hands, but I gave about a dozen obviously compromised systems this treatment before it became a felony offense and I stopped.

rabbidrabbit · « **Reply #11 on:** December 29, 2006, 08:22:15 AM »

considering the sending servers are offshore I'm not worried about mailbombing them but I agree it's not going to cause them much concern.

If the servers in question are compromised then not much of anything will be effective. The problem is there are just way to any millions of idiots out there who empower these scum.

Moving beyond the above how about ideas on how to end the spam scourge? I would say a protocol based restriction on the number of emails that can be sent from a particular server would restrict it but still not stop it. The international aspect of the problem pretty much kills the legal restrictions issue.