|
-
June 7th, 2002, 03:37 PM
#1
Junior Member
 Dealing with spam security hole
How do I encourage someone to stop attempting to exploit a vulnerable script without kicking a hornet’s net?
I had a CGI on a site, that had a spam related security hole. The hole was discovered and used to transmit spam for 2 days before we stopped it. The script is gone, but the server continues to be hit every 15 seconds. The error log is growing cumbersome.
I discovered the email address of the person who took advantage of the vulnerability, but I’m reluctant to redirect all the requests back to them. I don’t want to draw a hacker’s guns to my site.
How do I persuade them to move along without pissing them off?
-
June 7th, 2002, 04:11 PM
#2
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
June 7th, 2002, 04:13 PM
#3
The best way is to refer this matter to the person's ISP. If you know the IP you can get the users ISP, then send an e-mail to "abuse@theISP.com". If the ISP is not "Spam Friendly" they will likely punt the user.
Cheers:
-
June 7th, 2002, 05:33 PM
#4
Definitely report it to his ISP.
Make sure you send some accompanying logs.
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
-
June 7th, 2002, 05:36 PM
#5
Senior Member
Report to the ISP, chances are they will punt him or something, most ISP's are getting close on spam and trying to stop it.
[gloworange]Die, or surrender, either way won\'t work.[/gloworange]
[shadow]HuntX7[/shadow]
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
