[svlug] new type of spam?
florin at andrei.myip.org
Wed Mar 5 23:34:58 PST 2003
On Wed, 2003-03-05 at 22:05, Todd Lyons wrote:
> Florin Andrei wanted us to know:
> >220.127.116.11 - - [02/Mar/2003:08:36:11 -0800] "GET / HTTP/1.0" 200 928
> >"http://www.sex-teen-pic.com/" "Mozilla/4.0 (compatible; MSIE 5.01;
> >Windows 98)"
> Dollars to donuts, you have proxying enabled in apache and don't limit
> it to IP's or domains, with the end result that you are an open proxy
> and those guys are using your proxy.
[root at weiqi root]# cat /etc/httpd/conf/httpd.conf | grep proxy
#LoadModule proxy_module modules/libproxy.so
# document that was negotiated on the basis of content. This asks proxy
# enable the proxy server:
# <Directory proxy:*>
# End of proxy directives.
[root at weiqi root]#
It must be what Walter said, some sort of a spider or something. Yet i
still don't quite understand why anyone would advertise through the
1. "They" use Google to find out unprotected Webalizer pages
2. "They" send their funky spider all over the coresponding websites
3. After a while, _their_ website shows up in Webalizer
4. After yet another while, their ranking on Google is cranked up a bit
due to links to their sites from webalizer statistics
I must password-protect my webalizer...
More information about the svlug