On Thu, Mar 01, 2001 at 08:43:21AM -0800, Chuq Von Rospach wrote:
> On 3/1/01 8:04 AM, "Tim Pierce" <[EMAIL PROTECTED]> wrote:
>
> > The difference is that there are a lot of "passwords" (search
> > terms) which are likely to yield access.
>
> Except that's not really true.
You mean there are not a lot of passwords which are likely to yield
access? :-)
> If you search on ".com", ".net" and ".edu"
> you solve 95% of the problem, and that's more than good enough for most
> harvesters. Those pull up lists of links that can then easily be spidered on
> most search engines, and will almost always have exactly what they're
> looking for: email addresses.
Yes, searching on .com, .net and .edu in a search engine will often
yield good results. Searches on "apple," "jones," "artichoke,"
"blender" and "schoolbus" may yield even better ones. But when a
spider encounters a form, it doesn't know if it's looking at a
search engine, a software registration form, a password authentication
page, or an adventure game. Hammering the form with randomly chosen
search terms may produce results, and it may produce nothing.
The point is that to date, the spider authors have not found it
worth their while to pursue this line of attack, and I do not expect
that they will any time soon.
But I invite you to prove me wrong. I welcome it. Put an e-mail
address behind a page that can only be reached through a form.
Have the page linked from a hundred different sites so it gets
hammered to death. Show me the spam that you get. Take your time,
I'll be here.
--
Regards,
Tim Pierce
RootsWeb.com lead system admonsterator
and Chief Hacking Officer
