Message Board

Newbie/Basic Questions

Older Posts ]   [ Newer Posts ]
 Dictionary attacks?
Author: L.Veltkamp   (22 Aug 06 12:36am)
Man, I must be way behind on my spam lingo. Just what is a dictionary attack? Yeah, I could probably Google but I feel like being a newb.

(That and Google is being really, really slow for me)
 
 Re: Dictionary attacks?
Author: M.Prince   (22 Aug 06 3:05am)
A dictionary attack is when a server sends messages to random email addresses under a domain. For example, imagine the domain example.com. In order to discover what email addresses are valid, a spammer may send:

adam@example.com
bob@example.com
carl@example.com
dan@example.com
evan@example.com

Etc.....

More likely, they'd try names like:

postmaster@example.com
abuse@example.com
webmaster@example.com
sales@example.com
info@example.com

Etc....

Anything that bounces back they know isn't valid. Anything that goes through they assume is.

Turns out we have had data on dictionary attackers for a while, although we didn't entirely realize it. We just started reporting it on our website. Watch out for more types of bad IPs being reported soon. For example:

1. Spam Website Hosts (the IPs that host the web pages that spammers advertise)
2. Comment Spammers (the IPs of machines that automatically post to blogs and other sites that allow comments)

Lots of cool stuff is coming soon!!

Matthew.
 
 Re: Dictionary attacks?
Author: L.Veltkamp   (22 Aug 06 11:06am)
Oh, so that's what you call those. I thought maybe that's what I thought those messages I get that just plug random words into sentences are called. Of course, that's the sort of thing I'm not sure other people actually pay attention to. I just find attempts like that to get past spam filters funny because they rarely work. Well, that and I write really weird poems out of them...

Comment spam stats would be nice. I think I've finally identified most of the ones I was having trouble with after I set up a spreadsheet and marked the number of times certain IPs hit me. The worst offender spamming my site spammed one particular script (I think it also hit another that doesn't log ips at the moment) 82 times in the time span of two months. I noticed the same ip in the harvester database, but it doesn't seem to be as much of a harvester as a comment spammer. Still, after blocking that ip, I did include a honeypot link on my 403 page in the event it's interested. :P



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–25, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email