lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: benfell at greybeard95a.com (David Benfell)
Subject: Fighting Full-Disclosure spam

On Thu, 15 Aug 2002 09:14:38 -0400, Alan Rouse wrote:
> I see three ways to fight the spam attack on this list:
> 
> 1.	Light Moderation.  By that I mean, posts that are clearly spam
> are rejected.  (But no value judgements made on whether a certain
> security-related posting should be allowed).  Repeat spammers are banned
> from the list.  Etc...

Given the current load, who would have time to do this?  And much as I
may not approve of the phrack crap, such moderation would only filter
some of it.

I don't think the security industry is corrupt (just sometimes
misguided).

If it were corrupt, however, this would be a place to discuss it, just
hopefully on a somewhat more meaningful level than the (dare I call
it) discourse we've seen so far.

> 2.	Email client filtering.  When you get a spam message, add a
> filter for the sender of that message.  It at least makes it more
> difficult for these people to get the junk through. 

Strongly recommended.  This, I think, is a good idea.

> 3.	Just ignore them.  Perhaps they will eventually find something
> more interesting to do.

If you don't have suitable client filtering, this is a second-best.
> 
> What not to do:
> 
> 1.	Don't reply to spam.
> 2.	Don't unsubscribe.
> 3.	Don't stop sending quality posts.   
> 
> If you do any of these last three things you are contributing to the
> demise of the list.
> 
I recently received an e-mail quoting a webpage stating that this list
is under attack.  Among other things, it claims participants here are
stupid, but does not explain why, if this is the case, they should not
simply permit us to wallow in our stupidity.

It also included the instruction not to forward it to the list, but to
forward it only in individual replies.  I suppose I am ethically
compelled to comply with this request, though I frankly do not see how
it helps to "beat them at their own game."

-- 
David Benfell, LCP
benfell@...ts-unknown.org
---
Resume available at http://www.parts-unknown.org/resume.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020815/2588da59/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ