l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2004 May 22 14:14

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox] Spammers target referring URL, steal bandwidth,increases cost of support
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] Spammers target referring URL, steal bandwidth,increases cost of support



<rant>
Ok. I don't like spam. Most of you (probably all of you) do not like spam.

This is getting really bad. If spam in e-mail is not bad enough, sites now
are running Web-aware apps to span networks following links (or creating
URl which may or may not be valid) and visiting the "pages" which house
the data.

What could be the possible reason?

Gee. The most obvious is to target sites which provide feedback per
host/domain/site on referring URL in a web page. These kinds of reports
may be visited by google or other search engines, and as they do, thier
score in google goes up because there are "more links to their sites."
This becomes a feedback loop in the spammer's favor as "reputable" sites
which are well liked seem to offer content which links to spammers.

This was not much of a problem for me, as I have my server colocated, and
the number of hits were small enough to not count for much. Now, however,
things have changed. Some of these referring URL spamming services are
really targetting many of the domains I service.

To make things worse, some will visit URL to nonexistant files, and
generate 404 errors in my log files. As a result, a review of my web data
with webalyzer shows many false positives for 404, and if I actually
viewed these pages, a nifty little session/tracking ID is often included
to help the spammers know what sites to attack more often!

I DO NOT NEED TO SEE FALSE 404 REPORTS! Annoying spammers!

STEALERS OF BANDWIDTH!

>:-|

Anyway, I thought I would share one "solution" I have: add iptables rules
to DROP connections from their IP address.

Search through your web log files for the entries with referring URL that
include the following:

(Spaces added to try to nix effect of search engines finding them on this
page when it is archived.)
w e b b u f f e t . c o m
p h o e n i x % 2 0 a r i z o n a % 2 0 n e t w o r k
h i g h l a n d s o f s c o t l a n d . n e t
m e g a e a s t . c o m
h n - e c o m m e r c e . p h

See if you are also subsidizing the commercialization of company names
through referring URL.

</rant>

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!