Lloyd Bryant wrote:
> >What spam?
> Uh, the ludicrous fake replies. For example, I query on "Gerald Brom", I
> routinely see responses like "GERALD_BROM.EXE" "GERALD_BROM.ZIP", etc, which
> I know from experience are either some form of advertisement or some sort of
> Windows trojan (if not both). Such spam is easy to spot, as it's always a
> variation of the query string ("gerald_brom.jpg" "g_e_r_a_l_d_b_r_o_m.exe"
> "GERALD_BROM.wmv", etc), so identifying it is no problem.
Well, I haven't updated spam.txt in a couple of weeks so there is probably
a lot of spam slipping through again.
> I'm afraid that the SHA1-based "spam.txt" solution is simply ineffective -
No, it's not. It obviously cannot filter all of it but if you look how much
gets caught it'll be quite worth it for some time. The spam is also marked
with timestamps so that we could expire old spam. The trojans will sooner
or later just disappear when people updated their scanners.
> all the spammer needs to do to the change the SHA1 is change one bit
> anywhere in the file. The spammers can potentially re-roll their payload on
> a daily basis, so there's no way to keep "spam.txt" current...
You can svn up the files. I'm not certain that's in line with SourceForge's
types of service, so I do not officially suggest this and there's certainly no
need to update more than once per week unless you're tracking current SVN
anyway. I could host these files elsewhere but I don't really want to run
Apache or any other bulky web server and CVS or rsync are even more awkward as
they require a user account. I'd prefer a plain HTTP server and a client-side
solution for incremental updates e.g., a script based on curl which would apply
patches to an existing file whereas the patches are PGP signed.
Of course, one might wonder whether Gnutella can't help itself here.
--
Christian
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Gtk-gnutella-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel
