WLANs As Spam Conduit 217
Saint Aardvark writes "According to this article, a honeypot was recently set up on two wireless LANs. 25% of the connections observed were deliberate, and 71% of those were to send spam. Even more reason to take care of your ether." These statistics should be taken with a salt lick...
How about... (Score:5, Funny)
Re:How about... (Score:2, Funny)
With *REAL* flamethrowers, of course!
Re:How about... (Score:2, Insightful)
From what I've seen on
Maybe it'll enter our vocabulary soon, as some sort of curse word.
Murder
Rapist
Spammer
Re:How about... (Score:5, Interesting)
Sleaziness. Penis enlargers, teen sluts, and porn of questionable legality. If I had young kids, this would really piss me off if they got sent this crap.
Fraud. This is somewhat related to the above. Most of these products are most likely frauds, or of questionable value. Masking your identity through forging headers, using open relays and the like. If your product is so great, you shouldn't have to hide yourself. Spam is the snake oil of the new century.
Intrusiveness. Embedding images in HTML email that the client fetches and confirms your email is "live", so it can be sold and put on more spam lists. I am still in the stone age and use pine and never HTML mail, but most non tech people use Outlook, which has this as default behavior. Also, claiming that I opted in and now I need to specifically opt out, with some form that probably just confirms my address is pretty low.
Volume. When I get 50 spam mail messages a day, and 10 or so legitimate messages, email as a communications medium is seriously flawed in it's present form. Many get hundreds of spams a day. Blacklists and Spam Assassin help some, but there are too many false positives.
Commercial email is OK, provided that I signed up for it and the company doesn't try to hide their identity. Some of this is actually useful at times. It would be nice if there could be an analog of a do not call list for email, but that is not technically feasible at present with the current protocol. A new protocol needs to be implemented. As much as I hate spam, I prefer technical solutions rather than handing control to the government. Even if there were spam laws (I know some states have them), they are ineffectual.
Re:How about... (Score:3, Informative)
Perhaps not as many as you'd think though - I recently switched from Spamfire [matterform.com] (keyword based filter) to POPFile [sourceforge.net] (Bayesian with list of known-to-be-good-senders), and have been very impressed.
It's been running for 10 days, has processed 1108 mails, and made 26 mistakes. Almost all of which were in the first 24 hours - I've been checking my spam folder a couple of times a day, and have had 3 false positives in the last week (al
Re:How about... (Score:2)
I'm running SpamAssassin with nearly the default ruleset, and I've had a grand total of 1 false positive in 6 months (on the second day I had it running). I had a few legit mails just a hair below the cutoff for flagging them as spam, and they all hit the FAKED_UNDISC_RECIPS rule. I added the following entry to local.cf, and the problem was solved. Btw, does anyone know what criteria they use for 'faked'?
score FAKED_UNDISC_RECIPS 1.0
I've also given a bunc
But 1 false positive is unacceptable (Score:3, Informative)
If I get even one false positive, it means I have to manually wade through the 35 SPAM (actual count today) messages I got today, just incase one was a false positive. In effect the spam matching effort is wasted because I still have to look at all the spam. I want spam elimination software to get rid of the spam so I can go on with my life without paying attention to it. When I have to pay attention to it at all, that means that the software is worthless.
False negatives are not as bad. If I can get r
Re:But 1 false positive is unacceptable (Score:3, Informative)
In the past six months I have never received even a single piece of spam at my 'notspam' address, which is only advertised through this error messages. And even if any spammers did
That too is unacceptable (Score:2)
That is a hasstle. Not for me, once I have it set up, but for those who want to contact me. I'm looking for a job now, I can't afford to let an otherwise good job slide by because whoever was trying to contact me has better things to do than figgure out what magic is needed to make my email work. There are many more job hunters than jobs right now, so they won't take the time to email me if I don't respond back right away.
I also question your notspam@example.com solution. Someday that will get onto the
Re:How about... (Score:2)
The reason you're seeing it is because just about everyone here experiences spam. If I got punched in the head a dozen times a day, I would be pretty fucking angry at people who go around punching people in the head and I would want them all to die a slow horrible death. Fortunately, I don't get punched in the head on a regular basis so I tolerate head punchers much more tha
Please, keep the internet free (Score:4, Funny)
Re:Please, keep the internet free (Score:3, Insightful)
My point is that mearly blocking ports is never the answer, keeping your patches up to date and not running open relays is a simple solution.
My $0.02
Port 80 is Perfectly Safe (Score:3, Informative)
There's no problem with keeping port 80 open. It's running an unsecured web-based non-authenticated mail relay that's the problem.
-Waldo Jaquith
Not quite... (Score:2)
Eventually, the spammer gave up - it must have noticed that I was firewalling the connections as soon as I detected them. MIMEDefang [roaringpenguin.com], combined with a modified filter script and ipchains or iptables, can
Re:Please, keep the internet free (Score:3, Informative)
And how is that going to help if your wireless LAN is wide open to anyone passing by? The mail relay is, by definition, open for insiders.
Built in sharing? (Score:3, Insightful)
I would if I could. I wouldn't mind sharing some of my connection with the people in my neighborhood, but security and just the nature of tcp/ip to go as fast as it can means it just ain't gonna happen. Not am I willing to set up more network equipment, VPN, etc.
I'd love to see a built in DMZ with port 80 open and bandwidth thortling if I choose to share. Heck, this would probably solve half your security issues right t
tequila (Score:5, Funny)
Does spam go well with tequila?
Re: where? (Score:1)
Spam on the cell. (Score:5, Informative)
4 percent? (Score:3, Interesting)
Re:4 percent? (Score:2, Troll)
Re:4 percent? (Score:5, Informative)
The other 75% is the part that is presumably connecting by mistake.
New (correct) math : (Score:2)
The other 83% were used to receive spam.
Voila! Case closed.
Re:4 percent? (Score:3, Insightful)
that means 75% were not deliberate.
Those stats don't seem that off to me. (Score:1)
I've read repeatedly that some percentage of all email is spam. I think the number that usually gets thrown around is 40%.
I can't remember the last time I got that much legitimate email...
I really wonder how these stats are gathered.
Re:Those stats don't seem that off to me. (Score:2)
Re:Those stats don't seem that off to me. (Score:2, Interesting)
60% legitimate mail? to me thats like heaven...
Re:Those stats don't seem that off to me. (Score:2)
More proof that you don't know what you've got till it's gone....
Re:Those stats don't seem that off to me. (Score:2, Funny)
Well that sure as hell isn't my inbox. I'm lucky if one in twenty message is NOT spam.
I really should get some friends though...
Re:Those stats don't seem that off to me. (Score:2, Interesting)
My hotmail account on the other hand...
Re:Those stats don't seem that off to me. (Score:3, Insightful)
People like you are balanced out by people like me. I use "Contact Me" forms on my website rather than my e-mail address, I don't give out my real address, and I use a throw-away address for mailing lists and a free e-mail address (Softhome, Yahoo, etc.) for submitting to forms on the web where I have no choice.
Onl
Re:Those stats don't seem that off to me. (Score:2)
I, for one, am not fooled by their conclusions. Any open, exploitable service that is reachable publically will be abused, regardless of the transmission medium.
Um...no. (Score:5, Insightful)
In other news, based on my survey of my apartment, 75% of people are running Mac OS X, and 25% are running Linux.
-Waldo Jaquith
Re:Um...no. (Score:5, Funny)
It's ground breaking research. It ranks up there with Philip Morris' discovery that lung cancer is cuased primarily by cat dander. And McDonald's dietary discovery that low cholesterol leads to depression and suicide.
Mail, not Spam - and this is Good. (Score:3, Informative)
Obligatory (Score:2)
Homer: Aw, people can come up with statistics to prove anything, Kent. Forfty percent of all people know that.
Kent: I see. Well, what do you say to the accusation that your group has been causing more crimes than it's been preventing?
Homer: [amused] Oh, Kent, I'd be lying if I said my men weren't committing crimes.
Kent: [pau
Re:Um...no. (Score:2)
scripsit waldoj:
Based on my survey of my work environment, about 50% of Americans hold Ph.D. degrees, the remainder being graduate students.
Re:Um...no. (Score:2)
It was pretty refreshing. I also found it funny that in web sur
Re:Um...no. (Score:2)
Clarity (Score:5, Interesting)
Umm... First, this means that 75% of the connections were not intentional? Is this the equivalent of 75 people saying they're sorry for stepping on your toes, while 25 people did it on purpose?
Second, define "emails". Is that 10? 10,000?
This seems a bit alarmist.
Re:Clarity (Score:2)
Annointing politicians (Score:2)
Alarmist? Of course! (Score:2)
Maybe you haven't been here very long...
An online Starcraft RPG? Only at [netnexus.com]
Re:Clarity (Score:2)
When I moved into my apartment, I found an open WAP. I started using it and eventually found the guy whose apartment it was. We ended up splitting the cost and it worked out for all of us.
wha wha ? (Score:2)
Although the proposal sounds good whats this big fuzz about cookies ? Sorry for sounding possibly ignorant but since when have cookies become security threat ? If thats the case wouldnt every webs
Not only that (Score:2)
Re:Not only that (Score:2)
Serious? (Score:5, Insightful)
I'll admit, I don't understand why people spam; but the economics of such a thing simply don't seem practicle. The 25% would seem to be about right to me, but that 18% of the total was just for spam, just doesn't seem to add up.
Then again, as Mark Twain said, "There are three kinds of lies: lies, damned lies and statistics."
Re:Serious? (Score:3, Informative)
Re:Serious? (Score:2, Funny)
As "they" say, torture the data until it confesses.
Re:Serious? (Score:2)
Misquote (Score:5, Insightful)
The summary misquotes the article here. 71% of the connections sent email - not necessarily spam email. I am surprised the figure wasn't higher.
Anyway it is hardly groundbreaking news that you have to secure wireless internet connections.
_____
cheap web site hosting [cheap-web-...ing.com.au]
Re:Misquote (Score:2)
wireless pig ! (Score:2, Troll)
public spots (Score:5, Interesting)
It's easy for the home and business admin to secure his/her AP. But how do public access places like airports and StarBucks counter drive by spamming?
Any ideas?
Re:public spots (Score:3, Informative)
Oh, take heed! (Score:5, Funny)
So if your router gives out a DHCP address in the middle of the night, run outside in your pajamas with a baseball bat. There are spammers you need to teach a lesson.
Re:Oh, take heed! (Score:3, Funny)
Make money FAST crusing your neighborhood! Annoy millions of people with unrelenting spam!
Re:Oh, take heed! (Score:3, Funny)
If they are obviously spamming (sending email to loads of people), deny access (the first few may get through but the rest would not as soon as spamming was detected).
Otherwise, accept their email and send it on to the destination.
Oh, I forgot to mention that all email sent this way is first run through "pornalizer".
Don't like your emails being pornalized that way (I *DO* hope it is an email to your Mum)?
Re:You laugh (Score:2)
>
> Instead of going through this process, scumbag spammer takes his laptop with him, has a map
Re:You laugh (Score:2)
Perhaps it is, perhaps not. I just know that a large proportion of my spamload is coming from residential broadband users.
I don't care if they're running open proxies or just having their open WLANs hijacked, but I know where the spam's coming from.
Just as with dialup, the overwhelming majority of residential broadband users have no business talking to port 25 on anything other than their ISP's
Salt lick (Score:2)
Get-rich-quick scheme (Score:5, Funny)
1) Sue for "Cable Theft" (if cable ISP)
2) Sue for "Denial of Service Attack" (since the intent of spam is to fill up your mailbox, causing you to give up real e-mails.)
3) Sue for "Espionage" if you both received a 'viagra' spamvertisement and the e-mail says it's not commercial spam, because if it's non-commercial, they were watching you through a window and wanted to notify you of viagra!
4) Is the spam for an ergonomic peripheral, like mouse or keyboard or computer chair? Or maybe, the company offers you pills to decrease your hormonones? In either case, this means they think you might have repetitive stress syndrome from using your... tool. This is either "Espionage" (they saw it), or "Intent of Deliberate Harm" (they e-mail you so much shit, they KNOW you are guaranteed to have RSS in your wrists....
5) ???
6) Profit
Bad logic. (Score:5, Insightful)
The study, as presented is useless except to divide people. They might have just as well said that the internet itself was evil for enabling spam. I can say the same thing about materials used to make billboards. The RSA says, "Don't share, people." Great!
You arent kidding (Score:4, Insightful)
I mean, Im sure most people living near me wouldnt mind downloading pr0n with my connection, but sending spam? Even if they had said hacking I would consider that a stretch. Its not like every kiddy is a script kiddy.
Re:You arent kidding (Score:2)
Re:You arent kidding (Score:2)
It wouldnt surpise me at all if somebody hooked together the MLM idea with the concept of spamming. Well, at least you didnt get burned on the idea.
Newsfactor is silly (Score:2)
Well.. duh.. but seriously, it's wild out there. (Score:3, Insightful)
Intelligence (Score:4, Funny)
Rus
sounds like shit to me... (Score:3, Interesting)
Not that I buy the figures, but... (Score:2)
Bruce
Re:Not that I buy the figures, but... (Score:5, Interesting)
I have Mac Stumbler running on my laptop and it pings me whenever I drive past a hotspot. Sometimes the hotspot will be named "public" or "public hotspot" even. (Saw a few of these in Tempe, Arizona. Was pretty amazed, and grateful).
So if you're running one, I thank you.
Counterplot (Score:3, Funny)
Solution: directional high powered radio emitters on the 802.11b wavelength. Target the suckas and zap the bejeezus out of 'em.
Mmmm, fried spam.
JDAM perhaps (Score:2)
Transform that into a GPS coordinate, vector in a B1 and BOOM! We'll need to develop some appropriately sized weapons however. The current 500, 1000, 2000 lb units might produce a bit too much collateral damage in peace-time urban environments...
Sounds familiar (Score:4, Informative)
But within 48 hours, the mail server was found by spammers!
He even had a great idea for anti-spam software/blocking. Set up these honeypots in different geographical locations, but don't publish the addresses; let the spammers find them. Have them accept mail as if they would route it, but do not actually send it out. We can assume any e-mails received are spam. Make a collection of spam e-mails, and have filters block out mail that closely matches all the mails the honeypots have received.
Re:Sounds familiar (Score:2)
This is trivial for the spammers to work around. All they have to do is try to send email to themselves along with the bunch of spam emails they're sending. If they can't email themselves, they'll move
Re:Sounds familiar (Score:2)
Of course they care, how else are they going to enlarge your penis for those hot teens wating for you that you'll surely be able to get with your cash from Nigeria.
Seriously though, spammers spam because it costs them almost nothing to do and even if their response rate is very small, they stil
E-mail or spam? (Score:2, Insightful)
Do any e-mail programs automatically send out pending messages as soon as a network connection is detected?
Re:E-mail or spam? (Score:2)
Yes, Apple's mail.app, and I use that feature a lot while traveling (using an authenticated SMTP connection to my business host to get around the relaying issue). OS X can also automatically connect to the closest hot spot so you don't even have to configure a connection with a SSID if it's WAP free. Just drive up, auto connects, mail.app notices connection is up, it starts sending out pending e-mail
Reason doesn't matter if the connection isnt legit (Score:2)
Saying that 71% of all unauthorised Wireless access attempts are attempts at spamming is nothing more than a useless statistic. If you have Wireless in place and have not properly secured it (Mac lists/VPN/VPN endpoint in DMZ), then you've got bigger problems than your local Wiget reseller using bandwid
Idea (Score:3, Funny)
I would like to call BS (Score:2, Interesting)
Teenagers (Score:2)
On the other hand, I wonder how legal something like, say, a physical solution to a digial problem would be, IE, they're stealing your bandwidth, you shoot out the tires on their 'getaway' vehicle while it's parked on the street. Were you stopping perpetrators? Would this be a reverse attack, were they
NoCat Auth (Score:3, Interesting)
Can't believe it (Score:2, Insightful)
Get real, they don't waste their time like that. They send out a billion spams on a high speed cable line then go golfing (or whatever).
a bit slow (Score:5, Interesting)
In the honeypot test, the first unauthorised connection to the WLANs was made in just over two-and-a-half hours.
There was a TV show in the UK that recently did something similar to this with bike theft. They left an unlocked bicycle on the high street of a northern town and set up hidden cameras to watch. Somebody nicked the bike within 30 seconds of the owner walking away. I guess spammers are a bit slower than your average criminal.
darn (Score:2, Insightful)
a minority ruins for the majority once again.
can't we get rid of open email and just use private acl's?
this is what I'm going to go for my next account.
Bad, spammer, bad. (Score:3, Funny)
On a more serious note spammers using these open wireless networks to send spam kind of negates the whole black list mail server things doesn't it.
Spammers *ARE* looking for WLANs. (Score:2, Interesting)
Are spammers looking for open WLANs? Yes. And if they're not open, some are even attempting to find another way onto the network:
Personally, I'd never thought anyone would go to the lengths of MAC Address Spoofing, Air
Re:Lies... (Score:2)
Re:One day /. will implode (Score:4, Insightful)
I hope so... If we start hunting down spammers with the same tenacity as if they were terrorists... we'd all be better off.
Re:Poorly written article (Score:2)
It doesn't imply that they did find the WLAN's mail server (if it even had one). They just needed the Internet connection to anonymise themselves and used any existing open-relay on the Internet to send the mail, or more likely - they just sent them directly without using any SMTP server at all (a lot of spamming software seems to mail directly now if you look at the headers - with no intermediate relays).
All you need to do
Re:Poorly written article (Score:2)
Set up your network so that all MX DNS requests return the IP of a blackhole machine. Course, if the spammers have their own list of IPs, they can get around that but you can always block those too. Only your mail server (if you have one) needs to be able to access outside your network on port 25. Unless you use a smarthost setup or the clients on your network talk to your ISPs server but then all that means is that you only need to let that address through.
Course, you the
Re:I block my AP by MAC address... (Score:2)
I started looking into wireless for the new house we're moving to, but two things stopped me. The first was price... ~$250 just to set up two computers and an AP?
The other problem was securing the damn things. So far as I could tell, I'd need to set up a full encrypted VPN on the wireless section. MACs can be spoofed, the built-in WEP is apparently a joke, etc. etc. If I didn't want to get cracked, or hand my bandwidth to any passin
Re:I block my AP by MAC address... (Score:2)
The "WEP is a joke" meme has some natural selection coming to it. Is WEP not as strong as it probably should have been? Yes. But you have to spend hours if not days of computer time crunching packets to break WEP encryption. Someone with suff
Re:I block my AP by MAC address... (Score:2)
What about Johnny Scriptkiddie two houses down with a Cantenna or something? Perhaps I'm too paranoid, but the thought of anyone rooting my boxes creeps me out. I use ssh on our wired LAN, and I know no-one's peeking in on that.
Re:I block my AP by MAC address... (Score:2)
I wouldn't necessarily say that, although I would say that you feel you need more security than most people do to get to your comfort level. There's nothing unreasonable about that.
The odds of your living near someone with the inclination and expertise to break your WEP -- which is not a staggering level of expertise, but above the script kiddie level -- is very, very small. I'm not aware that there are any programs in circulation that cryptolo
Re:I block my AP by MAC address... (Score:2)
Interesting link. AirSnort is not quite ready for prime time the way NetStumbler is, but it appears not to be terribly far away.
I would point out that the FAQ [shmoo.com] suggests that on average, a moderately busy network -- 4 persons surfing the Net continuously during business hours -- would take about 16 days to generate enough packets
Not Missing anything... (Score:2)
CAT5 is excellent and well worth all the crawling under the floorspace, sawing and drilling you haveta do. Especially for in-house applications where you may not be moving computers around all that much
However, wireless has its advantages too. It's nice to be able to carry a laptop around with you, setting it up here or there without having to run 50ft of cable around. Nice for if you want to sit outside and do some work too. It's just a convenience thing. It's the computer equivalent of h