Re: There needs to be an international policy

From: George Hester (hesterloli_at_hotmail.com)
Date: 04/10/05


Date: Sat, 9 Apr 2005 19:44:29 -0400

I would not follow your second link. The link I would follow is http://www.somesite.net but ONLY if the link was such that it was originnally given to an actual page; ie http://www.somesite.net/mine.php then I would access the root. Now I understand that the page could be one with "stuff" in it but actually the most common page for spammers of this sort are:

Forms to get your e-mail address
The page as default in Apache Servers which confirms the server is working
Sometimes a folder listing
Under Construction
Or just :) or some other trivial thing

So far I have never been obviously redirected and I been doing this for about 2 years. Off and on. I listed links below in a reply to my post what on average they look like.

-- 
George Hester
_________________________________
"Roger Abell" <mvpNOSpam@asu.edu> wrote in message news:uWNz1OVPFHA.3716@TK2MSFTNGP14.phx.gbl...
> "George Hester" <hesterloli@hotmail.com> wrote in message
> news:uLfJUaUPFHA.248@TK2MSFTNGP15.phx.gbl...
> "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> news:#9eYKkKPFHA.4000@TK2MSFTNGP15.phx.gbl...
> > <quote>
> > When the link has a default page I do not follow those.
> > Too dangerous.
> > And in fact those usually aren't China but US.
> >
> > </quote>
> > I do not follow the logic behind that first sentence.
> > For example, any Asp (non-default) page can simply do
> > a server.transfer to redirect you server-side to whereever
> > it (not you / your browser) wants your browser to go.
> 
> You misunderstand me.  Of course anything can have a default page.  But that
> is not the case of Spam links which point to an actual page.  Their roots
> are almost always defaulting to a page similar to what you saw in the link I
> posted.  Sometimes the site is so insecure you get a browse listing.  But
> links in Spam that point to a folder so that a default page is used then yes
> you will get redirected when trying to access the root and so that's why I
> don't access them.  Too dangerous.
> 
> 
> 
> You see, here is where I get lost by your reasoning.
> Any page, default or not, if it has any server-side capability
> can redirect the servicing of your browser request to any
> page at all, any.  It is even possible for a webserver to
> do things you would not expect for a page that "looks" safe,
> such as one with .html at the extension where normally that
> would mean that there is no server-side capability, but the
> webserver owner only needs to alter the handler for the
> .html type.
> 
> 
> 
> A little investigation of this you'll see what I am talking about.  Please
> give me a break and do not assume I am speaking of EVERY such instance of
> this.  I speak about the majority.  No such thing as a probability of 1
> except that the Sun will come up in the morning.  That has probability of 1.
> 
> 
> I really am trying to be reasonable.
> It is just a fact that based on the URL you cannot make any
> reasonable expectation as to what following that link is
> actually going to serve up.  There is a probablistic case
> to be made, sure, but visiting an expected malicious page
> because it has a URL like
> www.somesite.net/dir/page.html
> but not if the URL is like
> www.somesite.net/dir
> is not actually saving you from much peril.
> 
> 
> --
> Roger
> 
> 


Relevant Pages

  • RE: ATL SERVER QUESTION
    ... You want to redirect the user to another ... status of the server-side process. ... When the task is finished the iframe page can output some script to ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.vc.atl)
  • Re: Mirror rule versus redirect
    ... possible to set up a message mirror server-side rule? ... Exchange accounts allow redirect. ...
    (microsoft.public.outlook)
  • Re: POST to Non-ASP.NET Site
    ... any markup on myotherpage.aspx other than something saying "Please wait - about to redirect you to...." ... elements on an aspx page as you like, so long as only one of them runs server-side. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: POST to Non-ASP.NET Site
    ... markup on myotherpage.aspx other than something saying "Please wait - about to redirect you to...." ... elements on an aspx page as you like, so long as only one of them runs server-side. ...
    (microsoft.public.dotnet.framework.aspnet)