Results 1 to 5 of 5
  1. #1
    Junior Member
    Join Date
    Jun 2002

    Question Dealing with spam security hole

    How do I encourage someone to stop attempting to exploit a vulnerable script without kicking a hornetís net?

    I had a CGI on a site, that had a spam related security hole. The hole was discovered and used to transmit spam for 2 days before we stopped it. The script is gone, but the server continues to be hit every 15 seconds. The error log is growing cumbersome.

    I discovered the email address of the person who took advantage of the vulnerability, but Iím reluctant to redirect all the requests back to them. I donít want to draw a hackerís guns to my site.

    How do I persuade them to move along without pissing them off?

  2. #2
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Flint, MI
    Report it to his ISP.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  3. #3
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    The Great White North
    The best way is to refer this matter to the person's ISP. If you know the IP you can get the users ISP, then send an e-mail to "abuse@theISP.com". If the ISP is not "Spam Friendly" they will likely punt the user.


  4. #4
    Senior Member
    Join Date
    Nov 2001
    Definitely report it to his ISP.

    Make sure you send some accompanying logs.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Report to the ISP, chances are they will punt him or something, most ISP's are getting close on spam and trying to stop it.
    [gloworange]Die, or surrender, either way won\'t work.[/gloworange]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts