Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: If Lycos can attack spammer sites, can we all start doing it?
From: James Tucker <jftucker () gmail com>
Date: Thu, 2 Dec 2004 19:40:20 +0000

I would feel very sorry for the small time ISP's being DoS'd off the
planet by some of the potential "attack backs" that could be generated
by such an idea. DoS wars are not a good way to fight spam. Judgement
of the receivers total bandwidth capability is difficult to impossble
to accurately judge (assuming that they oculd simply code modulated
response delays in to throw off the attack scheme). Thus all that
could result of this is DoS attacks, not a garunteed "slow down" as is
described.

It is not just volume to the site that will be generated either,
remember you are loading up every router along the way.


On Thu, 2 Dec 2004 02:37:48 +0000, n3td3v <xploitable () gmail com> wrote:
If Lycos EU is going to go legally unchallenged, can we all start
attacking sites which send unsolicited mail to a non-lycos mailbox. As
long as we can prove the mail is actually spam. This isn't as hard as
you may imagine. All you need to do is for example, check Yahoo's or
Gmail's spam folder, and the mails in that must hold some legal
justification as being spam on Gmail or Yahoo (because Yahoo and Gmail
use elite spam filters), making it justified as spam and therefore
would give someone legal permission (because yahoo and gmail spam
filters are pretty trustworthy) to attack the spammers site, which the
spammed mail was trying to ask you to visit. One could even code a
program to keep checking the Gmail or Yahoo spam folder for new spam
to add to the attack list. As long as one doesn't make the spammers
site unreachable, but if you slow it down, so it takes ages for
legitimate users to browse it, it must be ok, because thats what Lycos
EU is doing legally unchallenged.

Could botnets actually become legal, as long as they only attack
unsolicited mail, which Yahoo and Gmail and other non-lycos providers
have marked as spam.

The possibilities are endless.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]