<quote who="Jamie Wilkinson"> > I'm wondering now how wide-spread this proxy spam attack is.
Very; there are automated systems that go looking for these, as well as old FormMail scripts, open http proxies (checking for CONNECT to do exactly the same thing), yada yada yada. > So, does anyone know how to detect if a webserver is an open proxy just by > connecting to it? Or is that another thing that would be brute-forced? I > suspect not, otherwise there'd be a lot of proxied POST attempts showing > up in the logs. Perhaps find a spammer's toolkit? :-) Constructing the POST shouldn't take too long, though. - Jeff -- linux.conf.au 2004: Adelaide, Australia http://lca2004.linux.org.au/ "In the beginning was the word, and the word was content-type: text/plain" - Martin Schulze -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
