Taking On A Spammer
_QED was the first of an onslaught of users to submit a story about a programmer who got his domain forged by a spammer and took action. I don't know if this is real and I'm certainly not suggesting doing this yourself, but this is an extremely interesting story.
It's probably not fake (Score:2)
As for the people who are wondering why he doesn't publish this on his own web site under his own name, e-mail address, home telephone number and social security number -- have you even for one second considered the fact that what he did was CLEARLY ILLEGAL?
Anyway, this spammer DOES exist. I actually first found out about this page from a recent post to the SPAM-L mailing list. Here are the first and third posts on that thread:
Subject: Nuke: from alts.net
Date: Mon, 5 Jun 2000 09:51:47 -0700
From: "Hart, Andrew"
To: SPAM-L@PEACH.EASE.LSOFT.COM
4601 W. Sahara looks very familiar, but I didn't find
an abundance of recent NANAS hits against it.
-----Original Message-----
From: Technical Support [mailto:support@alts.net]
Sent: Wednesday, May 31, 2000 7:02 PM
To: *******@aol.com; TOSspam@aol.com; abuse@verio.net; abuse@alts.net;
tech@connectcorp.net
Cc: nanas-sub@cybernothing.org; spamrecycle@chooseyourmail.com
Subject: Re: [Email] Spam: Free Rate Quote!
Thank you for notifying us of this spammer. Our policies do NOT allow bulk emailings in any way. The account free-cybermarket.com has been terminated effective 10:00PM EDT 31 May 2000.
Best Regards
ALTS, LLC ABUSE
abuse@alts.net
At 08:50 PM 5/31/00 , *******@aol.com wrote:
URL: http://www.free-cybermarket.com/m/index.html
Dropbox: mailto:ulistsrvcs@fr.fm?subject=unsubscribe
FROM mail-abuse.org TO www.free-cybermarket.com.
traceroute to free-cybermarket.com (161.58.232.252), 30 hops max, 40 byte
packets
...
7 vwh0.dca.verio.net (129.250.30.166) 89.765 ms 91.406 ms 89.846 ms
8 free-cybermarket.com (161.58.232.252) 89.429 ms 89.517 ms 89.734 ms
Query: free-cybermarket.com
Sunrise Beach Inc. (FREE-CYBERMARKET-DOM)
4601 W. Sahara
Las Vegas, NV 89122
US
Domain Name: FREE-CYBERMARKET.COM
Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
Enterprises Inc., SunRise (SE4175) sunrise@CONNECTCORP.NET
SunRise Enterprises Inc.
4601 W. Sahara
Las Vegas , NV 89102
NONE GIVEN (FAX) NONE GIVEN
Domain servers in listed order:
NS1.ALTS.NET 192.41.1.48
NS2.ALTS.NET 161.58.9.48
Details on NANAS
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=
J. Andrew Hart
Subject: Re: Nuke: from alts.net
Date: Mon, 5 Jun 2000 10:50:18 -0700
From: Jay Hennigan
To: SPAM-L@PEACH.EASE.LSOFT.COM
On Mon, 5 Jun 2000, Hart, Andrew wrote:
> > 4601 W. Sahara looks very familiar, but I didn't find
> > an abundance of recent NANAS hits against it.
Seems to me that address turns up in the ICQ logs of Rodona Garst,
the posting of which kept me up all night reading. Fascinating stuff.
http://belps.freewebsites.com/
http://premier.cluelessfucks.com/
--
Jay Hennigan - Network Administration - ***@****.***
NetLojix Communications, Inc. NASDAQ: NETX - http://www.netlojix.com/
WestNet: Connecting you to the planet. 805 884-6323
It's a market failure (Score:2)
You can't really blame those PR people - maximizing your exposure for a minimum of expense is a basic goal of any marketing campaign. Spam is an example of a market failure, wherein otherwise beneficial free-market forces encourage behaviour which causes negative externalities (just like a manufacturing plant has an incentive to dump pollutants cheaply). Sure the spammer gets their message out, and might generate some revenue off that, but everybody else carries the expense of unnecessary traffic, pissed off users, etc.
The question is, how best to deal with this situation. Sure, this guy probably should have "changed the names to protect the (presumed until proven guilty) innocent," but would anybody have believed him in that case?
Re:How'd he get the screenshot?? (Score:1)
Not to turn Slashdot into a cracker training school, but here's one way.
Assume the Windows box has file sharing turned on and is poorly secured. Prepare yourself a back orifice binary, and place it in C:\WINDOWS\Start Menu\Programs\StartUp. OK, now you say, "But that doesn't take effect until she reboots." Fine, use one of the many readily available "Ping of Death" type tools to freeze up the machine. Bingo. She hits the reset switch and your nice little "remote admin tool" is now up and running. (since she's on AOL, take the appropriate steps to ensure that her new IP is made known to you when she reconnects.)
That's the simple version. Believe me, I've been in the position of defending machines and networks against similar attacks, and the things he's claiming to have done would not be that hard to pull off on the typical home user's unsecured machine.
Re:C'mon, that's totally made up! (Score:1)
If he knew how to do that he'd be a novelist, not a hacker.
Re:C'mon, that's totally made up! (Score:1)
Well, since you can execute code on the target machine (that's how you got Back Orifice installed, right?), what's to prevent you from executing Back Orifice immediately after installation?
Kaa
Lobotomy as Punishment?!? (Score:1)
Re:I don't believe it. (Score:1)
I have to agree with you. I am suspicious of how he hacked them... he provided all other details, why not these?
Now I didn't recognize one of the icons in the systray, I believe it was second from the left. The computer one with some kind of slice thingy. None of those others provide remote access to screen/keyboard. I didn't see any VNC Server there, nada. Now that icon may be a PC/Anywhere icon but I don't use that software and don't recognize it.
Anyway I'd like to see some more proof.
BTW: If this story is true: Great. I hope the spammers have a lifetime of grief bundled into the next couple weeks. They deserve every measure of it. If it's untrue, however, this "Man in the Wilderness" should be subjected to a swimming pool full of double-edged razor blades.
Re:This Article is FAKE (Score:1)
Not only is it NOT unlikely, it's actually quite common.
Re:C'mon, that's totally made up! (Score:1)
Too convenient (Score:1)
This story sounds something like you'd see on TV or the movies, where everybody's computer is "hackable" and you can see what they are doing on their computer in realtime.
Let me guess, he typed a command on the spammers computer saying "ACCESS ALL OF THE SECRET FILES" in huge letters and got everything he needed.
The wild west isn't where I want to be. (Score:2)
When you show up in a country that (despite what anyone says) is run like the Wild West, stealing a few horses is going to get you in trouble. No matter how normal it is in any other place you've done business.
What is disturbing to me is that all we have is this guy's word. Now I happen to believe him, but what if this whole thing turned out to be a clever and malicious hack taken out at these folks' expense?
Where there is no justice, I have no problem with the quickest gun carving out his own revenge. But it would be better if there were something like due process and independent review of evidence, and impartially and uniformly implemented punishment, rather than a system of self appointed judge/jury/executioners. That way the little guy and the inexperienced get justice too.
Re:I don't believe it. (Score:1)
There are 95 icq logs, spanning over 2.5 megs, all of text. This is *51000* lines of text! This would take huge amounts of time and effort to forge in any consistent manner, which they seem to be. I agree the methodologies that he described are pretty vague, but he got these logs somewhere, as well as a ridiculous amount of email. And if they are all real, the person who wrote them is obviously a hardcore spammer.
So Obviously real... (Score:3)
These low-lifes routinely INSTALLED PCAnywhere on their machines so they could work from their laptops in bed!!!! Getting in was a no-brainer!! And they didn't know sh*t about the technology!!! They had a revolving door of script kiddies that had to set up their systems!!! They only knew what the script kiddies taught them!!
And check out some of the other URLs mentioned - they are all there! (like silver-shamrock.com)
"We have heard the BS alarm.....and it is you!!!"
Re:C'mon, that's totally made up! (Score:4)
If you have a problem with spam, FIRST, secure the domains with Nessus.
THEN, configure your mail server to bounce mail with broken headers.
THEN, follow the Advanced Networking HOW-TO to set the queue for TCP connections to port 25 to a much smaller value.
Finally, only accept connections from hosts with a valid IDENT response.
Chances are, your average spammer won't be capable of forging any e-mail that can pass through even rudimentary security, such as this, without having to reveal their true name & true e-mail address. Something your typical spammer is unlikely to do.
Re:Story... (Score:1)
Re:C'mon, that's totally made up! (Score:1)
and left sharing open
simple install subseven on her machine
not heard of it?
nvr mind
Thanks for the best laugh I've had in a long time. (Score:1)
Yeah, these losers have been filling my mailbox up with crud, too.
I was looking forward to e-mailing the creator of this website to congratulate him for his wonderful efforts, but when I pointed the mouse over the e-mail link, I noticed I'd be e-mailing myself. D'Oh!
Oh man, I don't think I've ever laughed so hard while being so angry. It's the weirdest combination of emotions.
I can't get over what an illiterate schlump she is, especially from her screen shots. (I guess Windows' poor security is a good thing after all...)
Dude, I know you're out there, and I'm sure you probably read Slashdot at least occasionally. Thank you for taking the risk to stand up for what is right... even if it's technically illegal.
I suggest that we set up a legal defence fund for this guy, just in case he ever gets caught. How's a little Slashdot charity sound? If we combine our resources, I'm sure he could hire OJ's lawyers - and if they could get OJ off, they can get anyone off.
some depth of truth (Score:2)
anyway, here's a bit of extra fact:
"Pump & Dump" Claim [freewebsites.com]
Mark Rice Insider Info [yahoo.com]
So he does exist, and he did want to trade 50,000 shares. Of course the problem with good lies is they are often half-true.
Re:Technical Detail (Score:1)
Not that the PC Anywhere theory is implausible, I'm just making the point that it wouldn't be too much more difficult to get the same access even without getting lucky.
Re:Throw them in the pit! (Score:1)
Got a message back from the "Great Man" himself, with his claims of being anti-spam, &c., &c., blah, blah, blah. Truth be told, I never heard from that spammer again -- nor any other that I could trace through Wallace, since then. (This is in the context of 300+ confirmed kills for 1999, and over 200 so far this year.)
Kinda cool, though, putting a tick-mark on my SPAM can to represent that kill. :-)
How to bill spammers (Score:2)
The Windmill e-Mail Parsing System(c) indicates that the message you have sent is an advertisement, commonly known as SPAM mail. If your message is NOT Spam, please click your e-mail program's "Reply" button and re-send your message.
If your message IS Spam, be advised that this is a Business E-Mail address, and as such costs money to maintain.
Your e-mail costs us money.
Any further advertisements sent to this address will be invoiced to your firm at $5.00 per message. The act of sending further e-mail messages to this address is considered acceptance of this billing arrangement.
MIS Department
Accounts Receivable
If they send us more SPAM, I send them this:
Please consider this your invoice for $5.00.
Reply promptly with information regarding your preferred payment method. You will not be invoiced for any e-mails exchanged regarding your account.
Your Customer Number is SPM23975, please use your customer number in all correspondence with ETS, Inc.
Have a nice day.
Accounts Payable
Nothing has ever come of it, but it makes me feel better.
Matthew Miller, [50megs.com]
Re:This Article is FAKE (Score:1)
sometimes they even have their printer shared so you can send them messages
Re:Fake? Seems like it. (Score:1)
And it looks like they're using Windoze and haven't got their DNS set up properly:-
Re:Spam Spam Spam... (Score:2)
Better yet, go find yourself a copy of Stevespam [lycos.com], one of the best .mod files I've ever heard!
I guess I'm kinda dating myself here... I was deep into BBSes when this song came out. Wow I kinda miss "Dial attempt #322..." on Telix. :-)
Re:where are the details (Score:2)
Discovering the originating IP address from the headers of a given message is trivial. Most SMTP MTAs record the IP of the client connection in a Received: line. All one need do is examine the first non-forged Received: line in the message header.
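An added example, not part of the thread or any poster's code: a Python sketch of the check described in the comment above. It walks the `Received:` lines from the top and stops at the first client address recorded by a relay the recipient operates; everything below that line was supplied by the sender and may be forged. The trusted host names, the internal network and the sample message are constructed assumptions, and the parser assumes Postfix/Sendmail-style stamps.

```python
import email
import ipaddress
import re
from typing import NamedTuple, Optional

# Assumptions (hypothetical names): hosts whose Received: stamps we trust
# because we operate them, and the address space of our own relays.
TRUSTED_BY_HOSTS = {"mail.example.net", "mx1.example.net"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# "from <helo> (<rdns> [<ip>]) by <host> ..." as written by Postfix/Sendmail.
# The HELO name is chosen by the client; the bracketed address inside the
# parenthesised comment is what the receiving MTA saw on the TCP connection.
CLIENT_RE = re.compile(
    r"^from\s+(\S+)\s+\([^()]*?\[(\d{1,3}(?:\.\d{1,3}){3})\]", re.I)
BY_RE = re.compile(r"\sby\s+(\S+)", re.I)


class Hop(NamedTuple):
    helo: str
    client_ip: Optional[ipaddress.IPv4Address]
    by_host: str


class Handoff(NamedTuple):
    client_ip: ipaddress.IPv4Address  # address that connected to our relay
    helo: str                         # name it claimed (unverified)
    hop_index: int                    # position of the trusted stamp
    unverified_below: int             # Received: lines we cannot vouch for


def parse_received(value: str) -> Hop:
    text = " ".join(value.split())  # unfold continuation lines
    by = BY_RE.search(text)
    by_host = by.group(1).lower() if by else ""
    client = CLIENT_RE.search(text)
    helo, ip = (client.group(1), client.group(2)) if client else ("", None)
    try:
        client_ip = ipaddress.IPv4Address(ip) if ip else None
    except ValueError:  # e.g. [999.1.1.1]
        client_ip = None
    return Hop(helo, client_ip, by_host)


def find_handoff(raw_message: str) -> Optional[Handoff]:
    """Return the first external client recorded by a relay we trust."""
    msg = email.message_from_string(raw_message)
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    for index, hop in enumerate(hops):  # newest stamp first
        if hop.by_host not in TRUSTED_BY_HOSTS or hop.client_ip is None:
            return None  # stamp not written by us: nothing to anchor on
        if any(hop.client_ip in net for net in INTERNAL_NETS):
            continue  # hand-over between our own relays, keep walking
        return Handoff(hop.client_ip, hop.helo, index, len(hops) - index - 1)
    return None


# Constructed sample: two genuine stamps from our relays, then one line the
# sender inserted to make the mail look as if it came from the forged domain.
SAMPLE_MESSAGE = """\
Received: from mx1.example.net (mx1.example.net [10.0.0.5])
    by mail.example.net (Postfix) with ESMTP id AAA111
    for <user@example.net>; Mon, 5 Jun 2000 09:51:47 -0700
Received: from victim-domain.example (dialup-17.isp.example [203.0.113.17])
    by mx1.example.net (Postfix) with SMTP id BBB222
    for <user@example.net>; Mon, 5 Jun 2000 09:51:40 -0700
Received: from mail.victim-domain.example (mail.victim-domain.example [198.51.100.9])
    by relay.victim-domain.example with ESMTP id CCC333;
    Mon, 5 Jun 2000 09:50:00 -0700
From: "Free Rate Quote" <sales@victim-domain.example>
To: user@example.net
Subject: constructed sample

body
"""

if __name__ == "__main__":
    print(find_handoff(SAMPLE_MESSAGE))
```

The returned address is the one to report to the owning network's abuse desk; the HELO name and the lower `Received:` line point at the forged domain and prove nothing about it.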
Re:something is wrong in that screenshot ! (Score:1)
Re:Story... (Score:1)
Story... (Score:1)
Need Technological solution (Score:3)
freewebsites.com slashdotted already! (Score:2)
-russ
Spam, anonymity and reputation (Score:2)
As for anonymity on the net, I'm actually for it. I'm also for a more secure network. And I have no problem with blocking sites and users that break the rules without needing to find out who they are. However, if this story is true, the spammers in question made no attempt to be anonymous. They revealed who they are through publicly accessible information. Too bad.
I have read a couple of suggestions for persistent anonymous identities on the net. People can decide whether to do business with you based on the reputation of your anonymous identity. That would require a couple of important components:
Certainly, there would be nothing to stop people from maintaining multiple identities or creating new ones on a whim. However, if your reputation was your ticket to transactions on the net (buying, selling, possibly even working), it would be worth a lot. Set your threshold at 2 and refuse to talk to the ACs and new users. The choice would be yours.
The bottom line on anonymity is that in a sense, true anonymity is impossible. To achieve that, it would have to be impossible to link anything I say or do to anything else about me. That would mean that every e-mail message, every web page, every Usenet post would be a disconnected entity. That isn't useful, and probably isn't possible.
What is useful is when I can go online and seek information about a medical condition I think I may have without leaving a trail that insurers can link to me as a customer. If they want to know something about my medical history that's fine. They should have to ask me. They can refuse to insure me if I refuse to divulge it. Limits on the scope of legitimate questions are a matter for the legal system.
Anonymous identities are most useful when they allow two-way communication. That requires persistence. And that means that they are subject to retaliation for their actions. The retaliation is simply limited to what you can do to an anonymous ID. You can wreck its reputation so that others won't do business with it. With a strong mechanism to accomplish that, imagine what would quickly happen to spammers. If we could identify them as spammers within minutes of the first offense, and nearly everyone used filters that would then refuse mail from them, how much of a business could they build?
Imagine if it became public knowledge that they had engaged in a pump-and-dump scam before the markets opened the morning after they sent their e-mail. Would you want to be a spammer holding 100,000 shares of eVapor.com when NASDAQ halts trading on it because the pump-and-dump is reported before the opening bell? Watch the $80,000 you put into it turn into a complete loss.
Hmmm (Score:2)
Re:C'mon, that's totally made up! (Score:2)
But here's a potential loophole (unless I'm totally wrong in my figures, which I could be...someone please recheck):
The screenshot says she was sending 3,522 e-mails per hour. That's just under 58 e-mails per second. She was supposedly using a throwaway AOL dial-up account. (The frac T1, it was said, was not used for sending spams.) Even if the laptop had dual-channel ISDN, the maximum she could spew is just under 16 kilobytes per second. This would mean the size of the e-mail would have to be 282 bytes. That's enough for maybe just over four lines of text. The examples provided on the site had multiple paragraphs of text and bulleted-item lists in the spam-mails.
It doesn't add up. She **might** get 58 spams per second if #1) there was no bandwidth wasted to pesky things like TCP/IP headers and SMTP commands, #2) there were no rejected spams, #3) she had a dual-channel ISDN connection with compression for her AOL dial-up, and #4) the spam-mails were very small.
I really find it hard to believe that AOL offers dual-channel ISDN with compression and that Rodona coincidentally has an ISDN adapter for her laptop and the spams she happened to be sending when the screenshot was taken were uncharacteristically small.
But I absolutely **love** the story. Should've been a book. I really, really hope that it's true!
Running Roughshod over the bill of rights (Score:2)
carlos
Re:How to bill spammers (WRONG!) (Score:4)
Your idea about sending a fake bill to spammers is a very BAD idea. By sending them email, you verify your existence. Once your address is verified as "legit", what happens? You get more spam. For the same reason, never click on their "click here to opt out" links!
I'd advise using Spamcop (spamcop.net [spamcop.net]). The free part of SpamCop un-obfuscates the email header information, then allows you to automagically send a letter of complaint to the appropriate authorities. Personally, I've seen several accounts (email and website) disappear after I've used Spamcop against them. It's quite satisfying. Spamcop also has a fee-service for filtering email (which I haven't tried yet).
I hope this helps!
Re:The wild west isn't where I want to be. (Score:2)
Do you really think anyone would take the time to forge 20-page-long ICQ conversations? We seem to have a lot more than just his words. Yes, this is "vigilante justice" web style. You are the due process and independent review of evidence. All this guy has done is organize and present it.
--
Re:something is wrong in that screenshot ! (Score:2)
Duh.... unless the "screenshot" is faked, a point you were obviously too dull to catch on to...
-- Your Servant,
Re:Who else thinks Rodona Garst is cute? (Score:4)
Spammer's phone rings.
``Hello?"
``Yeah, hi! Is this $SPAMMMER?"
``Why?"
``I got a copy of your spam, the one about the web site that promises ``Real Time Lezbo S&M Action". I gave it to a nerd buddy, who tracked you down. I decided to come on over & see you perform."
``If you come over here, I'm gonna call the police on you."
``I already talked to the chief of police in your town. He's pissed that you sent his child a spam advertising that web site about ``Old MacDonald & His Cow", so he's coming over too. In fact, that's his car sitting in the driveway. If you perform well with Mistress Domme, he's willing to drop the charges. Be sure to ice down the beer!"
Jeez, I'm about to blow all of my karma on this one sick joke.
Geoff
Re:OFFTOPIC! (Score:2)
THIS IS WHY YOU DON'T RESPOND TO SPAM -- EVER! (Score:2)
These people are willing to steal other people's AOL accounts (OK, let's all laugh at the AOL users, but it could have easily been a local/regional ISP) to send their spam, the "pump and dump stock scam" probably damages both the hapless investors and the company in question, all in the name of making money.
I say we mega-Slashdot this site -- send a copy of this URL to everyone you know (_especially_ if they use AOL) and tell them to look at it(*). Point out that just because it comes from a *koff* "trusted" site like eBay or Microsoft doesn't mean it's any more welcome or desired. Make sure that people start using a company's or site's "opt-out" policies for junk mail.
I don't know at what point spam becomes "unprofitable" but the more people who refuse to cater to spammers or their clients, the better.
Jay (=
(*) Okay, maybe not everyone you know. No point in spamming in the name of anti-spam. But at least tell people about the site.
Anthropy principle (Score:2)
Re:Story... (Score:2)
Would be even more fun if I got to administer the clue-by-four to the spammer personally, though...the criminal justice system is so impersonal.
I made the list!!!! (Score:2)
http://homepages.manawatu.net.nz/~alanjb/misc.h
LK
Re:You've got to be careful with this... (Score:2)
Whether this spammer (the "poor dork Rodona Garst") is stupid or not is really irrelevant. By the fact that she is able to use a computer to send spam, con naive AOL users into providing their usernames/passwords, participate in illegal stock schemes, etc, she has demonstrated that she has sufficient mental capability to be considered mentally competent (i.e. not mentally retarded or insane), and as such is responsible for her actions. And as they say, don't play with fire unless you're willing to get burned. This time, she got burned, and I feel no sympathy for her. If she was unwilling to take the risk of her (immoral, and some illegal) actions being exposed, she should not have performed those actions, and *further* should not have framed innocent people for them.
Now, I might be swayed by your argument about stirring up a "lynch mob", had this simply been a case of political disagreement, or someone doing something unpopular/controversial, etc. But the problem here, to me, is that not only did she do it, but then framed an innocent individual for her spams. If that individual then comes back and kicks her in the ass, well then c'est la vie. She can deal with it. If she was spamming people without forging her IP (or forging it to be restricted numbers, thus not implicating innocents), then maybe publishing her information would be too extreme. But in this case, I think it is appropriate.
All in all, I think she and her associates got off rather easy. If the story is true, and the Man In The Woods did indeed gain access to the computers of Garst et al., then he could have easily destroyed everything on their disks rather than simply publishing the information about her deeds on the Web. Or perhaps he could have discovered sufficient personal data to cause more personal havoc in her life. Given the hassle that she caused, I think he showed remarkable restraint.
I've got a feeling (Score:2)
This guy claims to be such an important security expert, yet in addition to reading all of the "Hacker books", visiting "Hacker webpages", reading all of the traffic from the "Hacker mailing lists", and earning a living he STILL has time to hack his way across the internet and steal a hundred megabytes of information from these people.
I think that he even throws in the negative comments about AOL users in an attempt to curry favor with people like us.
Rodona, or whoever she is, has some decent nipples but I doubt the veracity of his story.
LK
Re:Technical Detail (Score:2)
That list is probably at least partially a list of posters to news.admin.net-abuse.*.
I never reply to spam. I often followup spam to originating site's postmaster/abuse. I occasionally post to nana*. I'm on the list.
Oh, and to those who say "the whole story of hacking in is impossible!", bite me. People are really that dumb---I've known lusers who
I'm not convinced this story is real, but I'm sure it's not impossible.
Re:Umm... It's fake? (Score:2)
I took a look at this list. A number of the names are obvious spam-blocks, abuse@*, etc.
And I found my own name. Four times, different variations. Wow, & I haven't complained about spam in years. (Could it be that I'm just a cheap SOB who won't buy anything advertised in email? Naw.)
But I'm saddened that they didn't include my favorite spamblock of all time -- the one where I used ``cyberpromo".
Geoff
Parallels (Score:2)
It seemed to me to either be a very similar situation, or a fairly blatant rip of the story.
-------
CAIMLAS
Re:It's a disgruntled ex-employee (Score:3)
You can see for yourself. pdrap@ctp.com, pdrap@concentric.net and pdrap@cris.com are all on the list. Those addresses are no longer active, but at one time I did a helluva lot of spammer killing with those addresses.
I was skeptical too, but after considering it all night, it makes much more sense that he snagged the info using Back Orifice than the notion that he made it all up. Particularly so since the data appears to be accurate.
Re:I don't believe it. (Score:2)
As for WHY he doesn't say how he did it - maybe he's anticipating being able to "get" them again, and doesn't want them cutting off his access?
Re:It's a disgruntled ex-employee (Score:5)
There are other incorrect technical details which would point to this poster being more of a user (ex-spammer) rather than a system administrator. The "blank Bcc: line" comment is wrong, because Bcc: is a function of the MUA, once it gets sent to the MTA over SMTP, every one of those addresses is converted to an RFC821 RCPT command.
I got the exact same feeling from this whole affair as you have, an ex-spammer disgruntled he didn't get paid for something. He/She had some time alone with Rodona's laptop, and copied a bunch of stuff onto some floppies or ftp'ed. With a little fixing up to appear as an aggrieved sysadmin to throw his ex-employers off the scent.
Spammers and telemarketers are all fair targets for retribution, whether through hacking or social engineering (the sex survey, FBI hotline, others)
the AC
C'mon, that's totally made up! (Score:2)
BTW, I host my own domains and email and I monitor spam closely. The problem is getting worse: There's even a spammer operating over the last few days who is mailing to "postmaster@" and that is a huge no-no. They are shameless.
Legal? Who cares? (Score:2)
In case of Slashdotting read here... (Score:5)
http://elias.rhi.hi.is/premier.cluelessfucks.com/ [rhi.hi.is]
http://cow.org/~noise/belps.freewebsites.com/ [cow.org]
http://homepages.manawatu.net.nz/~alanjb/ [manawatu.net.nz]
There are also some interesting posts at an old mirror here:
http://premier.cluelessfucks.com/ [cluelessfucks.com] (gotta love that domain name!)
This is great information... where else could you find out how many freckles are on a spammer's ass
------
IanO
Re:The wild west isn't where I want to be. (Score:2)
As I said, I believe this guy is telling the truth and that this little piece of frontier justice is justified, in absence of any other kind of protection.
However, I'd like to ask you why you think it is so implausible that somebody who wants to trash somebody's reputation badly enough wouldn't go through the trouble of forging 20 pages of dialog. Here's a true example from my circle of acquaintances: Woman A gets involved with a man whose ex-girlfriend (Woman B) was emotionally unstable. Woman B fixates on woman A as the source of her problems, and begins to intercept some of her mail. Woman B begins to send change of address notices to Woman A's creditors, and eventually begins to apply for credit cards and record club memberships, ignores important legal notices etc. Woman B successfully trashes (at least temporarily) Woman A's credit rating and causes no end of hassle.
The world is full of fruitcakes with too much time on their hands.
The problem with frontier justice is that everyone, the reasonable folks and the kooks thinks what they do is justified. If you think this is a good way to run a society, check out the movie, The Ox Bow Incident.
Whoops (Score:2)
Pump 'n' Dump (Score:2)
Smallcap (penny) stocks that are basically scams (those with many shares are 'pumping' the stock by all this spam, hence creating volume, and an increase in price, and an increase in demand for the stock, and then dumping what they own for more money.)
That is not what stock is about, and it's illegal.
Remedial English for Script-Kiddies (Score:2)
Of course. I wouldn't put my main e-mail address on a webpage like that, much the same way I don't put my main e-mail address up on Slashdot. Web-based e-mail is wonderfully anonymous (when you kill all browser cookies), and since you only end up downloading the message from the server if you click to open it, you don't waste an hour waiting for a day's worth of spam to be fed down the pipe from your POP3/SMTP mail server. That was probably the easiest option available to him.
Given that the subject matter was illegal and it's not impossible for Hotmail or Yahoo or others to trace IP addresses, my next tactic would be to use a cyber cafe or some other similar place to create the e-mail address. Probably, I'd upload the webpage to the server from another cyber cafe to assure greater anonymity, just in case they're logging IP addresses, too.
Further, it's easy enough to write a Javascript that breaks your e-mail address into two pieces so that webspiders don't find it and spam it, and yet when a user clicks on the link, it gives you the correct and complete address. I'd pass you the script you can add to your own websites to do this but I don't have it handy right now. It's common enough knowledge, I didn't write it.
Subj: Your an idiot. (Score:0)
Hmmm. Generally, if you wish to insult someone effectively, it's better to have a thorough and proper command of the language you are using.
Pursuant to the above paragraph, you will note this convention, used every day in common English:
"your" = possessive. ie. "It's your brain that doesn't work."
"you're" = contraction of "you are". ie. "You are about as intelligent as a tsetse fly."
To combine the two into an impressive demonstration of your new-found (though, ironically, remedial) English skills, you could use a sentence like the following:
"It's not your fault that you're not very intelligent."
Along those same lines, you should be aware of tricky words like "there", "they're" and "their". And "its" vs. "it's" never ceases to confound.
Since I suspect English is your first language, I would expect you to demonstrate a more thorough command of the language than was demonstrated in your post. One's second and third languages are generally expected to display grammatical and contextual errors; but I would doubt you have either the tenacity or the requisite breeding required to learn a second language. I have nothing but respect for those who learn several languages, since it's not an easy process. (I know, I speak several fluently.)
I hope that you get to use this tidbit of information to avoid being marked down on your high school freshman English tests.
Now, isn't there a nice and warm Sony Playstation waiting somewhere for you? Or maybe you prefer a little Jerry Springer?
Re:something is wrong in that screenshot ! (Score:2)
The computer sitting next to me was moved from dialup to DSL... and as long as the modem is down, icq netdetect still thinks the machine is 'offline' (even though ethernet link is up)
Gotta be fake, (Score:2)
Re:So which is it? (Score:2)
Re:I don't think he did enough (Score:2)
http://wwp.icq.com/3483645
Re:It's a disgruntled ex-employee (Score:2)
Notice that the author only shows ICQ stuff from a few machines. That ain't a lot. In fact, two of the machines were prolly sitting next to one another. Simply email/ftp all the icq message files/.jpegs/.txt files and ya got lots of ammo. Getting near three machines is pretty easy. Hell, look at how Kevin got all his passwords - he just called people on the phone and said "what is your password?" They gave it to him.
However the site author did it, it is pretty damned wicked.
At least the WHOIS is real (Score:2)
Matthew Miller, [50megs.com]
Re:I don't believe it. (Score:2)
Don't confuse your ignorance with technical impossibility. Back Orifice is similar to pcAnywhere or Microsoft's SMS, all of which give you remote GUI access to a Windows box. Want even more? According to the Back Orifice feature list [bo2k.com] BO2k supports Multimedia support for audio/video capture, and audio playback.
Note that BO is pretty easy to install. A shared drive with no password or a weak one or a trojan horse email or website (ActiveX can work for you!) would all allow you to break into a clean Windows box. One with dozens of insecure programs installed (e.g. ICQ, some IRC clients, some email clients, etc.) would be even easier.
__
Re:C'mon, that's totally made up! (Score:2)
First, apparently all the people of premiere services used ICQ to communicate and possibly send files and other gimmicky junk around. Tag BO onto a funny Flash animation or something...... send it to two of the premiere services people as coming from each other.. do a little social engineering so they won't suspect that it wasn't the other person that sent it.... BO is installed and running in about 30 seconds and blammo you take a screenshot. How long does it take to send 500K emails over a dialup? You have plenty of time here.
Presumably, a trojan would have been used as he's just gotten too much information off of those computers not to have used one. Either that or a problem with Windows shares..
~GoRK
So which is it? (Score:5)
You know something. I find it very disgusting how so many people who advocate an anonymous internet when it comes to file sharing on Napster, and so forth, but the MINUTE they get spammed, they are all shouting about accountability and how we need better records of who is using the internet.
People, the internet is both accountable and anonymous. Basically, if you want to be anonymous, it's not that difficult to do so. And, if you want to be accountable, you can do that too. The point is, spammers will always fake headers in some way, and "illegal" mp3s will always move anonymously through non-logging proxies, and people will continue to put up webpages showing off their new Corvette, including exactly where it's parked at night, and where in the garage the keys are stored.
The only combat we have against Spammers, is the capitalist approach. Spammers would not be in business, if not for all of the nullheaded PR people who feel they need to mass-market the internet cheaply. And there is nothing expensive about loading up a bulk email program and sending mail to a half-million people.
At my company, we urge our marketing department to stay away from companies who want to send out spam on our behalf. And we've batted 1000 so far (thank god). I feel that we're doing our part by not supporting companies whose only product is unsolicited email. So if you ask me about the "big picture" of stopping SPAM, my answer is simply, stop paying them to do it.
Re:Case by case, anonymity can be necessary (Score:2)
Bad Mojo [rps.net]
Re:Parallels (Score:2)
-------
CAIMLAS
Re:Technical Detail (Score:2)
if it's a fake, then why..? (Score:2)
Fake? Seems like it. (Score:5)
By carefully examining the email headers and message body of previously sent spams I was able to identify a unique signature that appeared in every email the spammer sent. I designed an email filter to detect this signature, and placed it on the mail gateway of a high volume Internet mail server
The above just makes me laugh, if you ignore the question of, "how'd you get that filter program on the 'high volume internet mail server'?" Did you use your h4x0ring sk1llz, or was it your own for your business of providing advanced TCP/IP know-how?
Once I had escalated my remote access to that of a full privileged local user
We're talking windows 95 here.. At least judging from the screenshots. EVERY user is fully privileged.
There was only one way to find out how many of them were forging my domain. I was going to have to hack them all!
I love that quote. It sounds like it came straight out of "Hackers."
Regardless of whether or not it's fake, it's entertaining in two ways -- once as a fantasy tale of someone taking revenge on spammers, and once as a badly written overly dramatic technical article from an advanced TCP/IP know-how provider who can use advanced tools like NSLOOKUP and WHOIS...
Re:I don't believe it. (Score:2)
Not to mention a file of 200,000 addresses of "confirmed anti spammers" that should never be mailed. Since I found my own address on that list, I have reason to believe that they weren't just randomly generated.
It's a disgruntled ex-boyfriend (Score:2)
But for all that, I didn't find the "hacking" story all that implausible, details or no details.
Re:The wild west isn't where I want to be. (Score:2)
concerned party's actions (both his and theirs). They are more than free to respond, although at most that
would warrant a slashback blurb. This is the proverbial "head on a spike" to warn the others. "Brutal" indeed.
Sure, I agree with almost everything you've said, conditioned on the premise that he is telling the truth. I believe he is telling the truth as he sees it, but clearly he is not a disinterested party. The animus he bears to these people, while understandable, makes me view what he says with caution. The "brutal" material he posted was in my mind uncalled for, as it had nothing to do with what they did to him or other people. It was disproportionate and mean spirited. Enough to uncover their illegal actions and leave it at that. The desire to hurt and humiliate another human being (even under some provocation) does no favors to a man's credibility, at least in my book.
And I'll check out the movie. This one right?
Yep, with Henry Fonda. Enjoy.
You've got to be careful with this... (Score:5)
This was a long time ago, and I don't feel good about it now. I don't know what happened to the guy, but given what he appeared to be up to he might easily have been disciplined or even sacked. In some senses he deserved it, but...
My 'victim' (and this poor dork Rodona Garst) are low-life - nasty, but also pretty stupid. Many of the new generation of Net users simply don't appreciate how the net's resources can be used to collate information about them, how much about themselves they reveal.
There may be many people in Clarkesville, TN reading this story now - /. is widely read, and, significantly, is widely read by journalists who may take up the story. By publishing personal details about them we risk stirring up something like a lynch mob - not necessarily in this case, but the potential is there.
Don't get me wrong - I dislike spammers and scammers and borderline criminal sleazoids as much as anyone, and there's no doubt that this Rodona is a sleazoid. The issue is the power of the medium which is being used against her. Yes, sure, it's the same medium that she has been using against others; but it is also a very powerful medium.
It is, I think, appropriate to make evidence of this sort about this sort of people available to their local police office if you think a crime is being committed (as appears to be the case here); but given that sleazoid lowlife are often not the best balanced of people psychologically, we may be whipping up a storm of hatemail and hate phone calls which may cause harm out of proportion to the crime.
Re:It's a disgruntled ex-boyfriend (Score:2)
Either way, it was someone with physical access to the machines.
the AC
[thats put a damper on my sex drive for a while]
But the addresses are real (Score:2)
Between a rock and a hard place (Score:2)
I don't believe it. (Score:5)
All that I can see in "Man in the Wilderness'" claims are a few addresses and phone numbers that anyone could come up with using WHOIS and one of the gazillion phone directory web sites. His claim of capturing a screen shot of the spammer's computer is just outrageous...Windows may be full of networking holes, but c'mon...
I don't doubt that he was spammed...and I don't doubt that he was spammed by the spammers that he's claiming to have cracked. But I think that almost everything on that web site is made up.
Sure, he probably feels good that he could associate some names to the pages that he posted, but the text reads like a really bad detective story.
Maybe I'm wrong, but looking at the story with an impassioned eye sure makes it look like some guy with an ego and an axe to grind needs to take a creative writing class.
-h-
Re:You've got to be careful with this... (Score:2)
> reading this story now -
> significantly, is widely read by journalists who
> may take up the story. By publishing personal
> details about them we risk stirring up something
> like a lynch mob - not necessarily in this case,
> but the potential is there.
I agree. And furthermore I really think slashdot
should have done a little more research before
posting this one. I mean, these people's lives
are likely to be completely hell for a long time
now because of this slashdot post. What if the
story is not true or only partially true?
Don't get me wrong, I love slashdot and read
daily, but "the slashdot effect" is a damn
powerful thing. I would like to think you folks
would stop to think and make sure you are using it
wisely.
Re:You've got to be careful with this... (Score:3)
I submit that ignorance of `the law' is no excuse. When you show up in a country that (despite what anyone says) is run like the Wild West, stealing a few horses is going to get you in trouble. No matter how normal it is in any other place you've done business.
The wider you spread the spam, the more likely someone is going to do something about it that isn't legal. You're asking for trouble.
Is it so hard to build legitimate e-mail lists of people who want info about your products? I have no problem with that type of e-mail solicitation.
Bad Mojo [rps.net]
Re:So Obviously fake...(not at all) (Score:2)
This is part of the problem: a lot of people think that win9x has some security. It was never meant to.
Re:Snagging AOL User Names (Score:4)
--
Re:Technical Detail (Score:3)
By the way, the archive didn't shock me because of Rodana's pictures, but because of the size of antifile.zip - if those people are only the ones who hoped to get removed from Garst's List (I found five of my co-students on it), how big must the full archive be?? Twenty million email addresses? Forty? One billion?
We are just some toy in the spammer's hands. I'm never going to reply spam again "to be removed". Deleting is the only thing that helps. Well, I could put up a
something is wrong in that screenshot ! (Score:2)
Re:CHECK OUT UGLY RONDA's TITS (Score:2)
-russ
Re:So which is it? (Score:4)
"You're making a common mistake. You're confusing insanity with style." - Quintin Stone
Basically, if someone wants an anonymous internet, too bad. No one (who is sane) wants that. What people want (that you don't seem to grasp) is Free Speech and privacy. These are not the same as anonymity. A handle or nick is not the same as being anonymous. The only time anonymity is good is when it contributes to Free Speech. Something spammers will try very hard to argue in their favor, as they have in the past.
Anyone who cries out to be anonymous on Napster or Gnutella is just wanting to not be held accountable. They are not trying to be anonymous to protect their rights.
In the end, a spammer is no different than a person who sends out 5000 faxes to people who didn't ask for them. Instead of paying for 5000 sheets of paper, the spammer is relying on someone else to foot the bill and pay for the fax paper their ad is printed on. This is nothing short of theft of resources in order to make a profit.
*DISCLAIMERS*
1) Yes, I know I make some assumptions in this post. I'm sure there are some people who want the internet to be totally anonymous. I think those people are crazy.
2) I know I can't spell. Sorry. I try.
Bad Mojo [rps.net]
I don't know if it's true .... (Score:2)
It's a disgruntled ex-employee (Score:4)
So I'm gonna say that this is some ex-employee who pulled a bunch of stuff off of his co-workers' drives before bailing. All in all, a pretty admirable example of workplace sabotage. Bob Black would be proud.
-carl
Re:Technical Detail (Score:2)
Re:New Slashdot poll: How many people believe this (Score:2)
1. He never says the name of his employer because he doesn't want to get fired and get them sued. Probably did a lot of this on company time.
2. No contact info for someone who maliciously cracks into a machine? Imagine my surprise.
3. He didn't convince them to trojan the machine. They shared their C: drives to anyone on their LAN. Anyone. No authentication. And the LAN was connected to a high speed link. So he placed the trojan and the command to install it himself (either thru win.ini or some registry merge).
4. Why "hack" an entire site into existence? Let some free server handle the load. It's anonymous and free. Plus, the guy probably (hell, most likely) doesn't have the skill to hack a site into creation.
My guess is that people suffer from some form of envy for his simple prank, and have deemed it "impossible" based on their jealousy.
Re:It's a disgruntled ex-employee (Score:2)
Perhaps the story writer was not the actual cracker, but a friend of said cracker, and got the details skewed.
Re:So which is it? (Score:3)
Capitalism is no better or worse at dealing with this problem than any other philosophy. In the end, the only guaranteed solution is secure authentication and compliance with standards. Do that, and spam would cease to exist.
Re:New Slashdot poll: How many people believe this (Score:2)
He never says the name of the ISP he claims to work for.
Maybe because what he (supposedly) did, while understandable, is actually illegal?
No contact info provided for him at all as far as I could see, no name, no email, no icq, nothing... not even a fake hotmail email address or something...
Maybe because what he did is illegal?
He is hosting this site on some crappy free web server.
Maybe because what he did is illegal?
Re:So which is it? (Score:2)
---
Re:C'mon, that's totally made up! (Score:2)
Ever heard of something called Back Orifice?
Heard of it. Can't remember though if it will start immediately on installation, or if it needs to wait for a Windows restart (like everything else !). This is not only a screenshot (which isn't impossible), but it's (allegedly) a screenshot made very soon after the white-hat first connected to the Spammer's machine.
Any BO experts around ? - How quickly can you bring it up and functioning ?
Re:C'mon, that's totally made up! (Score:2)
How exactly are people who use Win32 supposed to send mail through the SMTP server then? What about machines which have been rooted, or otherwise have identd installed to fake responses?
Relying on the client to provide valid data is a trivial security flaw. Perhaps you mean to say, "only accept mail to a non-local domain from an explicit set of IP addresses," and make sure that your machine has anti-spoofing enabled to its highest level via
echo -n "Setting up IP spoofing protection..."
for f in
echo 2 > $f
done
echo "done."
You'll also want to use the Postfix [postfix.org] mailer, as you have to misconfigure that to relay spam.
---
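As an added illustration of the relay rule proposed in the comment above (not part of the original post, and not Postfix's own code): the decision below uses only the TCP peer address and the server's own configuration, and ignores anything the client claims about itself. The domain, networks and function names are assumptions chosen for the example, and the check presumes the peer address is not spoofed, which is what the anti-spoofing setting in the post is for.

```python
import ipaddress

# Assumed configuration for illustration only (documentation ranges/domains).
LOCAL_DOMAINS = {"example.org"}
RELAY_NETWORKS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "127.0.0.0/8")]


def recipient_domain(rcpt):
    """Return the lower-cased domain of an RCPT TO address, or None if malformed."""
    addr = rcpt.strip().strip("<>")
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.rstrip(".").lower()


def relay_decision(peer_ip, rcpt, claimed_ident=None):
    """Decide what to do with one RCPT TO.

    peer_ip       -- address of the connected TCP peer, as seen by the server
    rcpt          -- recipient address from the RCPT TO command
    claimed_ident -- ident reply or HELO name; client-supplied, so it is
                     accepted as an argument but deliberately never consulted
    """
    domain = recipient_domain(rcpt)
    if domain is None:
        return "reject: malformed recipient"
    # Mail for our own domains is accepted from anywhere: that is delivery,
    # not relaying.
    if domain in LOCAL_DOMAINS:
        return "accept: local delivery"
    try:
        ip = ipaddress.ip_address(peer_ip)
    except ValueError:
        return "reject: bad peer address"
    # Mail for a non-local domain is relayed only for explicitly listed networks.
    if any(ip in net for net in RELAY_NETWORKS):
        return "accept: relay for trusted network"
    return "reject: relaying denied"


if __name__ == "__main__":
    # Constructed sample sessions: (peer address, recipient, client's claim).
    samples = [
        ("192.0.2.17", "<friend@elsewhere.test>", None),
        ("203.0.113.9", "<victim@elsewhere.test>", "root"),
        ("203.0.113.9", "postmaster@example.org", None),
    ]
    for peer, rcpt, ident in samples:
        print(peer, rcpt, "->", relay_decision(peer, rcpt, ident))
```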
Re:C'mon, that's totally made up! (Score:2)
Re:You've got to be careful with this... (Score:2)
As for the pro-life group & the doctors, people got upset with the pro-lifers because it affected their freedom. But a lot of the same people are probably pro this hacker, because it doesn't affect them at all, and a lynching makes for a good show to such minds.
IMHO, people generally act out of self-interest, but defend their actions through some "after the fact" pseudo-principles.
I'm going to say the same thing a guy said, about 2000 years ago, before he got nailed to a tree: Don't be hasty to judge. Nobody's perfect, and we are all going to tread on others' toes. It doesn't have to be a capital offence, it just means that we might want to talk things out, honestly, with no protecting one's back. Inside every Ogre, there is a wounded kid. Is kicking him some more going to make him any less wounded?