Battle of Spam
in [General]
|
From: Brian Dunning on 7 Jun 2010 20:29 I'm currently geotargeting all the IPs in the log, and focusing on the hits from Russia (the majority of these apache@ spams seem to be Russian). I've got a much shorter list of scripts to look at now. Hopefully I'll find some that just use mail() with no scrubbing.
From: Ashley Sheridan on 7 Jun 2010 20:31 On Mon, 2010-06-07 at 17:29 -0700, Brian Dunning wrote: > I'm currently geotargeting all the IPs in the log, and focusing on the hits from Russia (the majority of these apache@ spams seem to be Russian). I've got a much shorter list of scripts to look at now. Hopefully I'll find some that just use mail() with no scrubbing. I wouldn't bother wasting your time on that to be honest, as spam could just as easily come from zombie machines, which could be scattered all over the globe. This sort of distributed attacking seems to be more and more commonplace these days. Thanks, Ash http://www.ashleysheridan.co.uk
From: Paul M Foster on 7 Jun 2010 22:48 On Mon, Jun 07, 2010 at 02:34:23PM -0700, Brian Dunning wrote: > I think I must have misstated the problem. Thanks to everyone for the replies, but the question is not how to fix it, it's how to find the script being attacked. Many different admins manage many different sites on this server, and I can't even begin to guess how many mail forms are on there from different programmers. > > I'm currently downloading the logs as Peter suggested, and will take a look. I'm not much of a sysad and I just thought maybe someone might know a way to sniff outgoing email or something, I really don't know how to attack this. Fixing the scripts is a long term solution, obviously, but I need a short term fix other than killing email on the apache account. > > Might be more of a Linux question than a PHP question. One other piece of information maybe you left out. You say there are many admins of many sites on this box. Do you *work* for the company that owns or rents the box or something? Otherwise, other admins' scripts aren't your problem, just your scripts. Paul -- Paul M. Foster
First
|
Prev
|
Pages: 1 2 3 Prev: empty() and method return values Next: complex if statement for field validation |