Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Spammers: Advice being sought
The Lounge What is on Your Mind? Spammers: Advice being sought Post 302113765 by cbkihong on Tuesday 10th of April 2007 04:54:27 AM
Old 04-10-2007
Spammers: Advice being sought
The Web-based contact form on my site has been under distributed spamming attacks for nearly a month already. Obviously, a spammer has tried to generate HTTP requests containing ads to male drugs and all sorts of similar stuff directly to the form mail processor script on my site using a robot, as I can see from my logs that dozens of them were being recorded nearly every hour.

Although I have programmed some trickeries with the form processor way back in 2006 that was sufficient to prevent those spam mail from actually being sent to my mailbox at all, the attacks are filling up my log files and I think I should do something to stop that, as they are also wasting my bandwidth and processing power having to serve them.

The spammer has apparently been able to attack hundreds of hosts and launch the attacks through them, as nearly all spam were originated from different IP addresses and thus far I have been able to capture several hundreds IP addresses of those initiating those requests over just a couple of weeks. However, the design of my form allows me to find out the original IP address from which the form used in the attacks was initially captured, which resolves to an IP address from a netblock owner in New Jersey, who captured the form in mid March 2007 which was then used in all attacks thereafter.

As I know you all are seasoned sysadmins, what should I do now? And have you all experienced similar issues, and how did you go about that?
 

3 More Discussions You Might Find Interesting

1. Cybersecurity

How were UNIX machines taken over by SPAMMERS?

Hello, Three of our machines at work were sending out SPAM on the internet. 2 of them were so old I knew that the hackers just exploited the vulnerabilities in the old systems. The cause of concern is that one one of the machines is a new Centos 5.3 box.The only proof we have is that 4-6 emails... (3 Replies)
Discussion started by: mojoman
3 Replies

2. Shell Programming and Scripting

awk & basename puzzler - advise sought

Hi I have been able generate a file ($ELOG) that can have multiple lines within it. The first column represents the full path source file and the other is the full path target ... the file names are the same but the target directory paths are slightly different. <source_dir1>/file1 ... (4 Replies)
Discussion started by: davidra
4 Replies

3. Shell Programming and Scripting

Traceback spammers using an obfuscation of their URL

I have on occasion been forced to divulge my address to the odd enterprise, here and there. Some time later I've mysteriously found myself on the receiving end of spam. I have a plan to copy said enterprise's domain or part thereof to a bash terminal and obfuscate it, then paste the obfuscated... (2 Replies)
Discussion started by: nohspamjose
2 Replies

LEARN ABOUT MOJAVE

curlopt_http_version

CURLOPT_HTTP_VERSION(3) 				     curl_easy_setopt options					   CURLOPT_HTTP_VERSION(3)

NAME

       CURLOPT_HTTP_VERSION - specify HTTP protocol version to use

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTP_VERSION, long version);

DESCRIPTION

       Pass  version a long, set to one of the values described below. They ask libcurl to use the specific HTTP versions. This is not sensible to
       do unless you have a good reason. You have to set this option if you want to use libcurl's HTTP/2 support.

       Note that the HTTP version is just a request. libcurl will still prioritize to re-use an existing connection so it might then re-use a con-
       nection using a HTTP version you haven't asked for.

       CURL_HTTP_VERSION_NONE
	      We don't care about what version the library uses. libcurl will use whatever it thinks fit.

       CURL_HTTP_VERSION_1_0
	      Enforce HTTP 1.0 requests.

       CURL_HTTP_VERSION_1_1
	      Enforce HTTP 1.1 requests.

       CURL_HTTP_VERSION_2_0
	      Attempt HTTP 2 requests. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the server. (Added in 7.33.0)

	      The alias CURL_HTTP_VERSION_2 was added in 7.43.0 to better reflect the actual protocol name.

       CURL_HTTP_VERSION_2TLS
	      Attempt  HTTP  2	over TLS (HTTPS) only. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the HTTPS server. For
	      clear text HTTP servers, libcurl will use 1.1. (Added in 7.47.0)

       CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE
	      Issue non-TLS HTTP requests using HTTP/2 without HTTP/1.1 Upgrade. It requires prior  knowledge  that  the  server  supports  HTTP/2
	      straight away. HTTPS requests will still do HTTP/2 the standard way with negotiated protocol version in the TLS handshake. (Added in
	      7.49.0)

DEFAULT

       CURL_HTTP_VERSION_NONE

PROTOCOLS

       HTTP

EXAMPLE

       TODO

AVAILABILITY

       Along with HTTP

RETURN VALUE

       Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

       CURLOPT_SSLVERSION(3), CURLOPT_HTTP200ALIASES(3),

libcurl 7.54.0							   May 01, 2016 					   CURLOPT_HTTP_VERSION(3)
All times are GMT -4. The time now is 11:04 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy