Honeypots: Re: honeypots as spam traps

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Honeypots mailing list archives

Re: honeypots as spam traps

From: "Ian Baker" <ibaker () codecutters org>
Date: Fri, 5 Mar 2004 17:02:18 -0000

Andy,
    In my case, it's fed straight into the email server's dictionary.

Extracting the domains & URLs that are (by definition) required by a spammer
to advertise can then be analyses and scored, just like any other
word/phrase.

It's quite effective (even if I did find my first three false positives this
morning.. out of 18873 emails. 144 of which could *only* be determined to be
spam because they were sent to the honeypot..)
----- Original Message ----- 
From: "Andy Streule" <andy.streule () lythamhigh lancs sch uk>
To: <honeypots () securityfocus com>
Sent: Friday, March 05, 2004 4:12 PM
Subject: honeypots as spam traps

just wondering what people using honeypots as spam traps do with their
collected info.

By Date By Thread

Current thread:

honeypots as spam traps Andy Streule (Mar 05)
- Re: honeypots as spam traps Ian Baker (Mar 05)
- Re: honeypots as spam traps Stef (Mar 07)
  - Re: honeypots as spam traps Michael (Mar 07)
- Re: honeypots as spam traps Byron Sonne (Mar 08)
- <Possible follow-ups>
- RE: honeypots as spam traps Andy Streule (Mar 08)
  - Re: honeypots as spam traps Jack Cleaver (Mar 09)