WhoWhere Robot strikes again
Rich Graves
llurch at networking.stanford.edu
Mon May 27 01:10:29 PDT 1996
On Mon, 27 May 1996, E. ALLEN SMITH wrote:
> a (randomly-created) link to http://foo.bar.com/563.html etcetera? Or are they
> looking at more specific locations that couldn't be faked this way?
What they are doing is spidering the entire web looking for anything that
looks like an email address, running a dictionary finger attack on the
host part of any email addresses they find, and reporting things that look
like lists of email addresses to humans (or the closest approximation
employed by WhoWhere). Usually they do port scans for http and whois
servers too.
The way they bootstrapped their database was with dictionary searches on
InterNIC and okra.ucr.edu, with a significant enough effect that lawsuits
were considered.
-rich
More information about the cypherpunks-legacy
mailing list