lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: jftucker at gmail.com (James Tucker)
Subject: If Lycos can attack spammer sites, can we all start doing it?

I would feel very sorry for the small time ISP's being DoS'd off the
planet by some of the potential "attack backs" that could be generated
by such an idea. DoS wars are not a good way to fight spam. Judgement
of the receivers total bandwidth capability is difficult to impossble
to accurately judge (assuming that they oculd simply code modulated
response delays in to throw off the attack scheme). Thus all that
could result of this is DoS attacks, not a garunteed "slow down" as is
described.

It is not just volume to the site that will be generated either,
remember you are loading up every router along the way.


On Thu, 2 Dec 2004 02:37:48 +0000, n3td3v <xploitable@...il.com> wrote:
> If Lycos EU is going to go legally unchallenged, can we all start
> attacking sites which send unsolicited mail to a non-lycos mailbox. As
> long as we can prove the mail is actually spam. This isn't as hard as
> you may imagine. All you need to do is for example, check Yahoo's or
> Gmail's spam folder, and the mails in that must hold some legal
> justification as being spam on Gmail or Yahoo (because Yahoo and Gmail
> use elite spam filters), making it justified as spam and therefore
> would give someone legal permission (because yahoo and gmail spam
> filters are pretty trustworthy) to attack the spammers site, which the
> spammed mail was trying to ask you to visit. One could even code a
> program to keep checking the Gmail or Yahoo spam folder for new spam
> to add to the attack list. As long as one doesn't make the spammers
> site unreachable, but if you slow it down, so it takes ages for
> legitimate users to browse it, it must be ok, because thats what Lycos
> EU is doing legally unchallenged.
> 
> Could botnets actually become legal, as long as they only attack
> unsolicited mail, which Yahoo and Gmail and other non-lycos providers
> have marked as spam.
> 
> The possibilities are endless.
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ