re: [Asrg] Its all over for Challenge Response

ietf-asrg

re: [Asrg] Its all over for Challenge Response

2004-02-12 12:46:07

No.

With my IP limiting suggestion, for meaningful attack of significant volume, 
the proxy has to be on the client side, unless a spammer has millions of IP 
addresses to use for web servers.

Using a pretty simple PHP script, the CAPTCHA can be embedded into a new 
image which is then delivered to the client, no matter if you use HTTP or 
HTTPS; the final request from the client has nothing to do with the 
original request to the CAPTCHA image.

Andreas


Shelby Moore
http://AccuSpam.com



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Asrg] Its all over for Challenge Response, (continued) Re: [Asrg] Its all over for Challenge Response, Seth Breidbart Re: [Asrg] Its all over for Challenge Response, Walter Dnes Re: [Asrg] Its all over for Challenge Response, Alan DeKok RE: [Asrg] Its all over for Challenge Response, Hallam-Baker, Phillip Re: [Asrg] Its all over for Challenge Response, Roger B.A. Klorese Re: [Asrg] Its all over for Challenge Response, Seth Breidbart Re: [Asrg] Its all over for Challenge Response, Seth Breidbart re: [Asrg] Its all over for Challenge Response, AccuSpam re: [Asrg] Its all over for Challenge Response, AccuSpam re: [Asrg] Its all over for Challenge Response, Andreas Saurwein re: [Asrg] Its all over for Challenge Response, AccuSpam <=

Previous by Date:	re: [Asrg] Its all over for Challenge Response, Andreas Saurwein
Next by Date:	Re: [Asrg] Spoofed mail addresses; envelope and header addresses !=, Matthew Elvey
Previous by Thread:	re: [Asrg] Its all over for Challenge Response, Andreas Saurwein
Next by Thread:	[Asrg] Getting SMTP "Bounce email" part of RFC changed... forget binary attachments, Jim Witte
Indexes:	[Date] [Thread] [Top] [All Lists]