On Mon, 9 Feb 2009 10:15:32 -0500 [email protected] wrote:
>On Mon, Feb 09, 2009 at 09:07:15AM -0600, [email protected] wrote 1.4K bytes
>in 26 lines about:
>: An unnamed exit with fingerprint
>$8424E8653469B1EFF87E79E8599933A3BAF8FDB2
>: is redirecting HTTP port 80 to
>
>Ah, 'apple'. Again they try this exact same tactic. Silly people.
>
Yes, but unfortunately that relay ranks fairly high in terms of data
rates, so it attracts a lot of traffic. :-( I see that the fingerprint has
changed since the first time I added it to my ExcludeNodes list. I notice
also that both kangnam.megapass.net (121.138.6.100) and the IP address that
appears in the bogus part of the substituted URL are in South Korea, which
is one of the worst cesspools of crackers, massmailers, and other undesirable
types that plague the Internet.
I hope that work is still progressing on automated detection and flagging
of BADEXITs.
Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet: bennett at cs.niu.edu *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good *
* objection to the introduction of that bane of all free governments *
* -- a standing army." *
* -- Gov. John Hancock, New York Journal, 28 January 1790 *
**********************************************************************