SpamFlood
* So the system was down most of Sunday and early Monday thanks to some idiot spammers. Turns out that one of the sites that I host had (note the use of the word ‘had’) a cgi script that allowed people to send email to him via a web-based form interface. The spammers figured out a way to utilize a flaw in the script that allowed them to send thousands upon thousands of emails through the system. As many of you know, the box that hosts this site and the one in question (as well as a few others) is a modest, ten-year-old Sun Microsystems Sparc 20 with NetBSD for its OS. As a testimony to the reliability of the system, it never completely crashed. Of course, response times were being measured in hours… So, I did in fact have to reboot the system in order to regain control of the mail facilities. I had to clear the queues and disable the cgi script until such time that I could provide a fix or workaround. I won’t go into specific details here on just how the cgi script was abused (since I don’t have a fix at the moment). Perhaps once I fix the issue, I may share the rest of the gory details. I will say that for the most part, the script did a good job of validating most of the input it was accepting. If you really want details, send me an email and I might be willing to discuss the details, but please don’t post comments asking about the specifics as they will be ignored.