From owner-freebsd-questions@FreeBSD.ORG Mon Apr 26 12:45:08 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A373F106564A for ; Mon, 26 Apr 2010 12:45:08 +0000 (UTC) (envelope-from john@starfire.mn.org) Received: from elwood.starfire.mn.org (starfire.skypoint.net [173.8.102.29]) by mx1.freebsd.org (Postfix) with ESMTP id 5445A8FC15 for ; Mon, 26 Apr 2010 12:45:07 +0000 (UTC) Received: from elwood.starfire.mn.org (john@localhost [127.0.0.1]) by elwood.starfire.mn.org (8.14.3/8.14.3) with ESMTP id o3QCirrE074597; Mon, 26 Apr 2010 07:44:53 -0500 (CDT) (envelope-from john@elwood.starfire.mn.org) Received: (from john@localhost) by elwood.starfire.mn.org (8.14.3/8.14.3/Submit) id o3QCiruT074596; Mon, 26 Apr 2010 07:44:53 -0500 (CDT) (envelope-from john) Date: Mon, 26 Apr 2010 07:44:53 -0500 From: John To: Aiza Message-ID: <20100426124453.GB74442@elwood.starfire.mn.org> References: <4BD3E9B8.2030109@comclark.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4BD3E9B8.2030109@comclark.com> User-Agent: Mutt/1.4.2.3i Cc: FreeBSD Questions Subject: Re: Wpoison????? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2010 12:45:08 -0000 On Sun, Apr 25, 2010 at 03:05:28PM +0800, Aiza wrote: > Looking for comments on this small apache web application that fools web > harvest programs into harvesting bogus email address from web page. > http://www.monkeys.com/wpoison > > Anybody try this? > Is this a self-inflicted Trojan? > Since I don't have web server was thinking of creating jail for apache > that only runs this wpoision perl script? > My firewall been blocking inbound port 80 and gets hit 100's of times a > day. Just script kiddies rolling through a block of ip address hunting. > Play with them a little bit in return. > > Comments please? Well, it's short and easy to understand - about half of it is comments and data structure initalization. From what remains, it all makes simple sense and there is nothing obscure or difficult to understand. I'm pretty concerned about its effectiveness. It appears not to have been touched since 2001. If it actually accomplished its goals, I think it would have been tuned up a bit, and it would be much more popular. I've been hanging around the web quite a bit in the last nine years, and it concerns me that I've never run into it before. So - I went ahead and installed it. Just in case the script kiddies had gotten a little bit more sophisticated, I changed the name. I put it on three of my web pages -now, I grant you, all three of them are tagged "NOFOLLOW," but I doubt spambots pay any attention to that. That was about 24 hours ago, and so far, I have not gotten one single hit on it outside of my testing. Now, it may simply be that I'm off in too obscure a corner of the web, or that I should go through my errors log and create one of the bogus pages they always probing for with a reference to it, but I'm not expecting too much luck at this point. I would love to hear if your results are any better. I hope that it does do what it is supposed to do! That would be great. I don't see how it could possibly do anything malicious or propagate itself in any way. It would be simple to turn off if you didn't like the behavior. That's my $0.02, anyway. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- John Lind john@starfire.MN.ORG The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries. - Winston Churchill