RE: [cobalt-security] Spam from this list

[Mike King <mikkel@xxxxxxxxxxxxxxxxxxx>]

Chris,

Fantastic joke :-)
I am falling out of my chair with laughter !   :-)   :->   :+)

But seriously:

Your strategy in dealing with this spammer ended up backfiring on you - all
you have done is embarrassed yourself publicly. I suppose you were smart
enough not to name names, which will probably save you from litigation.

I doubt whether any spammer would be deterred by someone like you 'being
aware of their activity'. Unless you can substantiate your claims and pass
this on to someone who has the necessary legal 'teeth', then I feel that
you are wasting your time.


Mike

At 18:27 21/09/2000 -0400, you wrote:
>Finally... someone with a sense of humor.  This is the security list?  Did
>anyone other than Graeme get the irony of a break in against a participant
>of this list???  I did nothing other than trace the machine to find out
>where the site was hosted and who sent the spam.
>
>Sorry for my poor attempt at humor.  I have spent years fending off hackers,
>and I have never engaged in these activities except against test machines
>for the purpose of hardening the OS and user applications.
>
>The person who spammed me has a porno site hosted in the UK and with a
>domain name registered out of Australia.  However, he has accomplices in the
>US that run a 900 service, so tracking this individual or group will be
>difficult.  As far as I can tell, this spammer is running yet another scam
>site trying to get you to call 900 numbers to disenroll from a porno e-mail
>list.  In case you aren't familiar with this scam, a spammer sends raunchy
>messages to hopefully your work email address.  The only way to stop it is
>to call a 900 service to remove yourself from the list.  The scammer then
>pads the 900 charges, knowing you are unlikely to complain.  The really
>nasty ones ask for a credit card number as well before your call can go
>through.    There are no charges I could file unless I participated in this
>obvious fraud.
>
>I have complained to the spammer's ISP.  In many cases, I have successfully
>stopped spam by shutting down the spammer's web site and/or e-mail account
>by notifying the ISP.  So far, this person's ISP has not responded.  I have
>found European and Asian ISPs to be very uncooperative with respect to spam.
>
>I *did* not break into any machine. I did the following:
>
>Ran traceroute, ping, and nslookup to narrow hostnames, services, ip
>addresses, etc.
>Checked out registered domain names.
>Sent mail to postmaster@<naughtyhost>.com to see who replied.
>Attempted to Telnet so I could see what OS and kernel were on the other end.
>Tried to FTP to see what was available through anonymous FTP.
>Tried some admin URLs to confirm that the host was a Cobalt Raq 3.
>Performed a few web searches to look for more info.
>I did find a person on this list with a domain that traced back to the same
>host.  However, I don't want to reveal who it is unless I can prove this
>person is the culprit.  I sent an e-mail to this individual, and have not
>heard back.
>
>I did nothing illegal!!!!
>
>Again, please accept my apologies.
>
>Chris
>
>
>
>
>
>
>-----Original Message-----
>From: cobalt-security-admin@xxxxxxxxxxxxxxx
>[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Graeme Fowler
>Sent: Thursday, September 21, 2000 5:47 PM
>To: cobalt-security@xxxxxxxxxxxxxxx
>Subject: RE: [cobalt-security] Spam from this list
>
>
>
>
>On Thu, 21 Sep 2000, Richard Emerson quoted Chris Weiss:
>>   I have identified one offender, and I have broken into your server to
>look
>> around.
>
>Is it just me or has everyone had a sense-of-humour failure? I reckon
>Chris was being just a teensy bit ironic with his statement... weren't
>you? ;-)
>
>Graeme
>
>
>
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>
>
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security