Exploitation of weak systems
- exploit open smtp relay
- exploit insecure web services (cgi formmail)
- exploit open proxies (HTTP CONNECT, HTTP)
I actually ran into a case some years back where an especially pernicious type
was [ab]using a Web CGI formmail script belonging to an [otherwise] innocent
company.
Turns out the company's site was hosted on a "hosting farm" run by a very large
hosting company, who made the insecure Perl script available and suggested its
use by all of their customers. (Their customers were usually other Web
'hosting' companies and site designers, etc.)
I called the large hosting company, and couldn't get them concerned about the
issue... they just didn't seem motivated to clean up their act.
Not ready to give up quite that quickly, I did a Google search and found between
five and six hundred company Web sites that appeared to use that same insecure
script.
I formulated an E-mail which I sent to *each* of those companies, alerting them
to the weakness of the script used on their Web site (and pointing out that its
abuse resulted in possibly HIGHLY objectionable material being sent out on THEIR
CORPORATE "STATIONERY") and mentioned that their Web site hosting company was
moreover very aware of the problem and didn't seem to want to fix it.
That tack evidently got the attention of the hosting company, and the problem
was fixed within a week or two, if I recall correctly. :-)
I have no doubt that other weakly secured formmail CGI scripts still exist, but
rather than doing a "run along behind" approach trying to get them closed
one-at-a-time (leaving the spammers and abusers to continue working down their
list of vulnerable systems), I think it makes more sense to take the proactive
approach and try to get ALL of the vulnerable systems cleaned up BEFORE they are
abused.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg