[Dshield] Under attack by bloggers

Tom dshield at oitc.com
Tue Jan 31 15:56:27 GMT 2006


If you figure out how to contact blogspot.com or google.com and get a 
real person I'd like to know as there is a nasty blog publishing 
personal information about people in our small town and there seems 
to be no way (short of filing suit) to contact them about it since 
its an AUP violation..... so much for "do no evil"

Tom

At 11:03 AM +0000 1/31/06, Malcolm Warden wrote:
>I installed some new code to my phpbb last night to catch any 
>attempt to create a new user
>account by a spambot (which, if successful, would then post links 
>back to increase its
>master's site rating with Google etc).
>I was very suprised to catch the first one within seconds!
>
>The site has been live for years without any spam registrations and 
>I believe that up to now
>the robots have failed visual confirmation and just been dropped 
>silently to the floor.
>The concern is that robots are getting smarter so I needed a second 
>line of defence.
>
>I am now seeing these things at all too frequent intervals - mostly 
>pointed back to
>blogspot.com. The pages that they link to are meaningless 
>semi-English probably created
>by a robot but with links on to the usual suspects - poker, loans 
>and sex sites.
>
>Here are a couple of examples:
>http://enprofessionalpokerchips.blogspot.com/
>http://thatcasinoontariowindsor.blogspot.com/
>http://anringtonesprint.blogspot.com/
>
>It seems odd to me that blogger.com is now owned by Google but 
>clearly being abused on a
>grand scale to distort Google and other searches.
>http://www.blogger.com/about
>
>I could have some fun with this - a small change in the php to 
>censor any link to blogspot
>that gets through the defences and redirect it to.... The Vatican... 
>or ...  an abuse page at
>Google or ...
>
>Anyone have any ideas about the best way to pass this on to 
>blogger.com or Google
>themselves? I could easily automate the whole thing to forward the 
>links by e-mail.
>
>Any other suggestions on what else to do?
>
>TIA
>
>Malcom Warden
>-- Malcolm Warden
>
>[P] 01608 685592
>[F] 01608 685595
>[M] 07905 185406
>
>
>_________________________________________
>Learn about Intrusion Detection in Depth from the comfort of your own couch:
>https://www.sans.org/athome/details.php?id=1341&d=1
>
>_______________________________________________
>send all posts to list at lists.dshield.org
>To change your subscription options (or unsubscribe), see: 
>http://www.dshield.org/mailman/listinfo/list


-- 

Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/
US Phone Numbers: 321-984-3714, 321-729-6258(fax), 
321-258-2475(cell/voice mail,pager)
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trshaw at mac.com
Google Talk: trshaw at gmail.com
skype: trshaw


More information about the list mailing list