1997-05-08 - Re: Spam Update/Cyber Promo attacked

Header Data

From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)
To: cypherpunks@toad.com
Message Hash: 699e76eb285bde25582b12c40fa9b290ff02f28e4b83f78b0d8cfed1d52cde9a
Message ID: <9mXc7D3w165w@bwalk.dm.com>
Reply To: <>
UTC Datetime: 1997-05-08 00:50:21 UTC
Raw Date: Thu, 8 May 1997 08:50:21 +0800

Raw message

From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Thu, 8 May 1997 08:50:21 +0800
To: cypherpunks@toad.com
Subject: Re: Spam Update/Cyber Promo attacked
In-Reply-To: <>
Message-ID: <9mXc7D3w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain

Rick Osborne <osborne@gateway.grumman.com> writes:

> >PHILADELPHIA, 5-7-97  Bulk e-mail giant Cyber Promotions is under attack by
> >"anti-spam" hackers. [...] Currently thousands of businesses with web pages
> >and mail box accounts are being denied service.
> Hmmm... the whole reason they are trying to stop the arp-spam is because
> whoever is doing it is trying not to be found, right?  Well, what if
> someone (or a group of someones) were to set up a web page with a script
> behind it.  The page would simply ask "How many arps would you like to send
> CyberPromo?".  An anonymous web user then fills in the blank, hits SUBMIT,
> and the CGI does its thing.  Using this system, especially if it is not
> just coming from one page but from anyone who sets up the CGI on their
> system, CyberPromo really can't do anything about it, can they?
> providing the interface.
> A perl script to connect directly to their SMTPd (no point in clogging
> yours by using sendmail) would be trivial.  If set up on a sufficient
> number of sites/pages (the form elements and script might take up a totalk
> of 2k, whoopee), this could be a sort of passive agressive way of getting bac
> _________ o s b o r n e @ g a t e w a y . g r u m m a n . c o m _________
> It's amazing how much 'mature wisdom' resembles being too tired.
> - Lazarus Long

First of all, Wallace is a great guy and anyone who interferes with his
freedom of speech is scum on par with C2Net.

Second, if you run a cgi script in this manner, the pings are still coming
from the web server.  You want to ping from the client that the browser's on.


Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps