Dealing with spam security hole

Printable View

June 7th, 2002, 03:37 PM
damaged

Dealing with spam security hole

How do I encourage someone to stop attempting to exploit a vulnerable script without kicking a hornet’s net?

I had a CGI on a site, that had a spam related security hole. The hole was discovered and used to transmit spam for 2 days before we stopped it. The script is gone, but the server continues to be hit every 15 seconds. The error log is growing cumbersome.

I discovered the email address of the person who took advantage of the vulnerability, but I’m reluctant to redirect all the requests back to them. I don’t want to draw a hacker’s guns to my site.

How do I persuade them to move along without pissing them off?
June 7th, 2002, 04:11 PM
souleman

Report it to his ISP.
June 7th, 2002, 04:13 PM
DjM

The best way is to refer this matter to the person's ISP. If you know the IP you can get the users ISP, then send an e-mail to "[email protected]". If the ISP is not "Spam Friendly" they will likely punt the user.

Cheers:
June 7th, 2002, 05:33 PM
chsh

Definitely report it to his ISP.

Make sure you send some accompanying logs.
June 7th, 2002, 05:36 PM
huntx7

Report to the ISP, chances are they will punt him or something, most ISP's are getting close on spam and trying to stop it.