![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: Fryingspam and Commando
Anonymous
none at domain.invalid
Sun Jul 25 12:11:57 EDT 2004
<user at domain.invalid> wrote in message
news:ce0r6h$lnu$1 at news.spamcop.net...
> So, here is a dumb question. I am frying http://www.pharmacyforlife.biz
> but it only downloads 1Mb/min. Why only that much? My connection allows
> it much faster... Maybe there are hundreds that fry it?:)
Don't discount 1MB/min. If you add it up, that's still about 1.2GB per day.
But, FriedSpam.net seems to be exceptionally slow lately. The websites I'm
hitting using FriedSpam.net have only been hit about 5000 times in the past
8 hours. Before, they'd have had over 100,000 hits by now. That's why I set
up the SpamVampire (http://www.hillscapital.com/antispam/index.htm) so I
could hit them as fast as their bandwidth and my bandwidth (and the
bandwidth of the open proxies I hit them through) would allow.
As an aside... here's some evidence that the proxies I'm using are
controlled by the spammers... last night, my IDS started alarming, telling
me that someone was port scanning me. Well, I got to looking at the logs,
and discovered that it was ALL the open proxies I was using... now, if
these open proxies were set up by the individual owners of these machines
(located not only in different countries, but on different continents!),
then how would they all know to start scanning me at the SAME TIME? And why
would they ALL scan with the SAME PATTERN? No, those machines are being
centrally controlled, either by a hacker selling his services to a spammer,
or by the spammer directly.
The good news is that I'm putting so much traffic through those proxies
that they couldn't really do much more than hit my ports around 80 times
per minute, which is nothing. They gave up after a couple of hours. Now, if
it had been the owners of those machines, those machines would have been
secured, and I wouldn't be able to fry spamvertised websites through those
proxies, but they're STILL UP! The spammers NEED those machines, they can't
afford to take down every machine I steal from them to fight them, on the
off chance I might stop using it, so they can use it to send spam again.
Too much fun...
More information about the SpamCop-List
mailing list