Re: Web Form Spammers / Email Injection Spamming

From: Dale (dmgreer_at_nspm.airmail.net)
Date: 09/15/05

  • Next message: Stephen Howard: "Re: Protecting my hard drive?" 
    Date: Thu, 15 Sep 2005 06:52:58 GMT

    "Imhotep" <Imhotep@nospam.net> wrote in message
    news:4fidnSgbMJbLlrTeRVn-tg@adelphia.com...
    > Dale wrote:
    >
    > > I'm not much of an expert about web security, and plus I'm a
    > > procrastinator, so when I started getting weird emails from the contact
    > > forms of two of my websites, I was moderately concerned, but I naively
    let
    > > it go on for a few weeks before getting annoyed enough to do anything
    > > about it.
    [...]
    >
    > I remember something about this. What php application are you using? Is it
    > custom made by you?

    Yes, I just made a php script that produces a web form contact page. It
    stores the interested party's data in a mysql table, and then sends me a
    confirmation email. I didn't know it could be hacked but it's pretty easy to
    prevent. Here are a couple of links to explanations of what they're doing
    and measures to prevent damage.

    http://www.nmmm.nu/spam-form.htm
    http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay
    http://www.anders.com/projects/sysadmin/formPostHijacking/

    So far I've collected 5 IP addresses.

    12.23.84.11 belongs to AT&T
    67.110.225.236 belongs to telecom equipment supplier, XO
    212.87.26.66 is the server for the Polish Academy of Sciences Medical
    Research Center
    209.43.25.154 belongs to ISP/Web Hosting supplier, iQuest
    161.53.86.10 is SolarWinds.Net Network Management Tools' "secure" admin
    server

  • Next message: Stephen Howard: "Re: Protecting my hard drive?"

    Relevant Pages

    • Want to Reboot server from ASPX page
      ... I am trying to trigger a reboot of the server based on a user request. ... way what exactly does 'impersonate' in the web.config do when the machine.config ... appreciated (with as much detail as possible, I am very new to this whole web security ...
      (microsoft.public.dotnet.framework.aspnet)
    • Want to Reboot server from ASPX page
      ... I am trying to trigger a reboot of the server based on a user request. ... way what exactly does 'impersonate' in the web.config do when the machine.config ... appreciated (with as much detail as possible, I am very new to this whole web security ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • ISA Server mit Symantec Web Security und Firewall Client
      ... wir setzen gerade den ISA Server 2000 auf einem Windows 2003er Server neu ... Wir haben im Hause die Symantec Web Security. ... Kann die Web Security als eine Art Add On zum ISA gesehen werden, ... Steht der Installation des Firewall Client auf den Arbeitsplatz PC etwas ...
      (microsoft.public.de.german.isaserver)
    • Quantcast