> Well, IMHO this is no better than my solution using JS What
> do you do if someone has cookies disabled?
> I for my part often reject cookies 'just because' when I don't
> feel they're really needed...
JavaScript is client side.
It only prevents a form from being submitted.
What if you circumvent that and post directly?
As we know, simulating a POST is quite easy:
telnet to the host on port 80:
"POST /superposter/gna.php HTTP/1.1\r\n
Host: www.blabla.ch\r\n
User-Agent: whatever you want\r\n
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
Keep-Alive: 300\r\n
Connection: keep-alive\r\n
Referer: http://www.blabla.ch/urli/index.php\r\n
Cookie: PHPSESSID=1111111\r\n
Content-Type: application/x-www-form-urlencoded\r\n
Content-Length: 57\r\n
\r\n
action=login&nick=username&password=password&submit=LOGIN"
If you get that, you cannot check whether he used your JavaScript or not ,-)
He might check your session ID, but what if the client gets a session ID
and uses that one to fill in the form?
That's so easy :-) (I've been using such a tool as a proxy for an online game
for about 5 years ,-))
-steven
/lurking mode off
Hi folks
In my (recent) experience, this problem is not related to the form but directly to the database. The spammer seems to be using an automatic bot that is sending content to generic database fields (so my suggestion would be changing the table field names to strange ones instead of changing the field names of the form).

Let me tell you what happened to me: I have a small guestbook in ASP (not self made, it is free code found online) used by me and 7 more friends for a private fantasy-soccer-game website (so absolutely not a visited website). I began to have those spam messages in it and I figured out the following: I had from the beginning the possibility to enable/disable the form fields 'sender email' and 'sender website' and, being only 8 ppl, I disabled them immediately during the guestbook installation. Checking the database after the spamming I found those fields in the database FULL WITH INFO even if there was no input field in the form. That's why I can tell that this problem is not form-related.

Solutions (possibilities that I had from this premade guestbook):
1) enable Session ID check (so the post must be submitted from the form and not from outside)
2) enable cookies (to prevent spamming the guestbook with multiple comments)
3) enable the loved/hated security images
Hope this helps
Cheers
Filippo
P.S: another system that seems to be working (I'm testing it) is to put the guestbook pages on a different server from the main website (I'm including it in an <iframe>).. Seems that this is confusing the bots..
/lurking mode on
-----Original Message-----
From: swinog-bounces(a)lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] On Behalf Of Manuel Krummenacher
Sent: Tuesday, 15 August 2006 18:01
To: swinog(a)swinog.ch
Subject: Re: [swinog] Formmailer-Scripts and Spam
Matthias Hertzog wrote:
> b) Web-user has to enter a unique number (generated image) in the form
> to prove, he's a human being.
Works fine, but think of the visually impaired. There are captchas
which provide the number also as sound. But I wouldn't use captchas on
business websites, it's too annoying for the users to type in the number.
> c) Badword-Filtering in the formmail-script, some regular expressions
> a.s.o.
Often it helps if you give the fields "unsuspicious" names. "meinfeld4"
instead of "recipient" and so on...
I use mod_security [1] with the rules from gotroot.com. mod_security
blocks the spam before the form gets processed. Additionally, it
protects the server from SQL-injection and other attacks.
Greets,
Manuel
[1] http://www.modsecurity.org/
_______________________________________________
swinog mailing list
swinog(a)lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
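Tying together Steven's point (the server cannot tell a JavaScript-validated submission from a hand-crafted POST) and Filippo's first fix (a session-ID check, plus his observation that the bot filled columns the form never had), here is an added Python example, not code from any of the posters, of what the server side of such a check can look like. The field names, session ID and secret are constructed for the demo; the session ID is assumed to come from the site's normal session store.

```python
import hashlib
import hmac

# Constructed demo secret; a real deployment loads a random per-site secret.
SECRET = b"constructed-demo-secret-do-not-reuse"

# Exactly the fields the rendered guestbook form contains (constructed names).
# "hp_website" is a honeypot: in the HTML, hidden by CSS, never filled by humans.
ALLOWED_FIELDS = {"nick", "message", "token", "hp_website"}


def issue_token(session_id, issued_at):
    """Token for a hidden form field: binds the render to the session ID
    and a timestamp, so the server recomputes it on submit (no state)."""
    msg = f"{session_id}:{issued_at}".encode()
    mac = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()
    return f"{issued_at}:{mac}"


def check_post(form, session_id, now, min_age=3, max_age=3600):
    """Validate a parsed POST body (dict) for the submitter's session.
    Returns (accepted, reason)."""
    # 1. Reject fields the form never had: bots that spray values into
    #    generic column names ("email", "website", ...) fail here.
    extra = set(form) - ALLOWED_FIELDS
    if extra:
        return False, "unexpected fields: " + ",".join(sorted(extra))
    # 2. A filled honeypot means the HTML was not rendered for a human.
    if form.get("hp_website"):
        return False, "honeypot filled"
    # 3. The token must have been issued for THIS session; one lifted
    #    from another session does not verify.
    try:
        issued_str, mac = form.get("token", "").split(":", 1)
        issued_at = int(issued_str)
    except ValueError:
        return False, "malformed token"
    expected = issue_token(session_id, issued_at).split(":", 1)[1]
    if not hmac.compare_digest(mac, expected):
        return False, "token does not match session"
    # 4. Age window: too old is a replay, too fast is a script that
    #    fetched the form and posted in the same breath.
    age = now - issued_at
    if age > max_age:
        return False, "token expired"
    if age < min_age:
        return False, "submitted too fast"
    return True, "ok"
```

As Steven notes, a bot that first loads the form and reuses the session passes the token check; the unknown-field rejection, the honeypot and the minimum age are what raise its cost, and none of them replaces rate limiting or a CAPTCHA.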
Stuck at level 4 :(
-----Original Message-----
From: swinog-bounces(a)lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch] On Behalf Of Michel Renfer
Sent: Saturday, 12 August 2006 08:12
To: swinog(a)swinog.ch
Subject: RE: [swinog] (no subject)
for sure it's working - Find the rabbit hole :o)
cheers,
michel
> -----Original Message-----
> From: swinog-bounces(a)lists.swinog.ch
> [mailto:swinog-bounces@lists.swinog.ch] On Behalf Of Andre Chapuis
> Sent: Friday, August 11, 2006 11:20 PM
> To: swinog(a)swinog.ch
> Subject: Re: [swinog] (no subject)
>
> ...not working...
> ----- Original Message -----
> From: "Olivier Mueller" <om-lists-swinog(a)omx.ch>
> To: <swinog(a)swinog.ch>
> Sent: Friday, August 11, 2006 9:10 AM
> Subject: [swinog] (no subject)
>
>
> Good morning!
>
> Everybody on the #swinog chan already knows about it, but you will
> certainly enjoy it too:
>
> http://www.spale.com/quiz/
>
> The first 3 levels are easy, but then it is just getting
> interesting... :-) If you need some hints to reach Level F (yes, there
> are 16 steps), you are welcome on irc.swinog.ch, #swinog.
>
> Thanks to Spale for that nice crazy toy! Of course do not start now
> if you plan do some real work this morning...
>
> Regards from somewhere between Olten and Lausanne, Olivier
>
> PS: SBB/CFF-MMS Tickets are really working :-)
>
>
Good morning!
Everybody on the #swinog chan already knows about it, but you will
certainly enjoy it too:
http://www.spale.com/quiz/
The first 3 levels are easy, but then it is just getting
interesting... :-)
If you need some hints to reach Level F (yes, there are 16 steps),
you are
welcome on irc.swinog.ch, #swinog.
Thanks to Spale for that nice crazy toy! Of course do not start now
if you plan do some real work this morning...
Regards from somewhere between Olten and Lausanne,
Olivier
PS: SBB/CFF-MMS Tickets are really working :-)
Hello,
on the NANOG list people are currently slaughtering each other over
RBL usage and policy.
This reminded me of a project I've been wanting to start for a long
time.
Does someone have a decent script that would extract URIs from mails
that have been classified as spam in order to feed a URIDNSBL with them?
Regards.
Jean-Pierre
--
HILOTEC Engineering + Consulting AG
Energietechnik und Datensysteme
Tel: +41 34 402 74 00 - http://www.hilotec.com/
Hello everyone!
Just wanted to say 'hoi' to everybody!
Was a nice meeting the day before yesterday, I hope to see you all
again in about one or two months!
Nico
--
``...if there's one thing about Linux users, they're do-ers, not whiners.''
(A quotation of Andy Patrizio I completely agree with)
hi all
Since the weather is quite bad we will go to the "Outback" at Bahnhof
Stadelhofen.
So the BBQ is cancelled.
Registration is still open until 12:00 - then I have to make the
reservation.
greetings
-steven
Would someone please remove Knowledge Computers from the list?
During the last discussion regarding what is allowed to be posted for
sales we got an agreement.
see http://lists.swinog.ch/public/swinog/2006-May/subject.html "Rules
for used hardware selling"
Knowledge Computers is definitely not an ISP, nor does it have anything
to do with Switzerland.
Actually, if they sent e-mail to my account it would be tagged as
spam...
Daniele
Hi all
I'm glad to announce that SwiNOG has a new member:
Jonas Justus Steinmann was born yesterday (2.8.2006) at 07:53. He's 50.5
cm, 2780g and healthy.
Cheers,
Viktor
P.S.: If anybody wants to visit us, please contact me first off-list.
Hi All,
I have a few NPE-G2 available to sell if anyone is interested.
NPE-G2 $12,225 USD (NEW)
Cheers,
Sarpreet Basi
Knowledge Computers
Email: sar(a)knowledgecomputers.net
Toll-free: 800.967.6609 x102
International: 250.748.0818 x102
Fax: 250.748.3388
Mobile: 250.709.0336
AOL IM: sarpreetb
MSN: sarpreet(a)hotmail.com
www.knowledgecomputers.net