Farelf Posted May 2, 2010

Brought over from another topic:

> ...To track down spammers websites has been quite easy for me... I have got them by using: http://web-sniffer.net

Excellent. Another utility to use (without the 'arms-length' anonymity of a web-based utility but still quite safe IMO) is Steve Gibson's ID Serve. This is tiny (28k - written in Complier), independent of browser and fast. It can actually query any port (eg news.spamcop.net:119 or news://news.spamcop.net) but port 80 (HTTP) by default. A fast-flux bot-net hosted http://wk0.tabl-online.com discussed in another topic 'instantly' yields (amongst other information)

Location: http://www.discountmedstablets.net

What is being discussed specifically is getting detail and re-direction (if present) from spamvertized sites without going to the sites and exposing your browser to any exploit that may be lurking there (and thence, potentially, the compromise of your machine). Needless to say the spam should not be opened to get that bad URL address - use "view page" without opening it, or the SpamCop report that contains it.

There are two tools mentioned in the original discussion which should be useful for the 'looking-without-exposing' exercise - the web-based web-sniffer and the stand-alone idserve.exe.

rconner Posted May 2, 2010

> There are two tools mentioned in the original discussion which should be useful for the 'looking-without-exposing' exercise - the web-based web-sniffer and the stand-alone idserve.exe.

I will add to the list cURL (http://curl.haxx.se/), which fetches files of all sorts in various protocols, including HTTP. You can use the "-i" option to get it to print the HTTP headers, which often contain the HTTP-level redirections. It does not execute scripts or follow redirections, so it is much safer than a conventional browser. It is open-source, free, and runs on Windows, Unix, Mac OS, etc.

Here's some info on how you can use curl (or any other similar app, really) for looking at spam websites: http://www.rickconner.net/spamweb/tools-curl.html

-- rick
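
The header check described in the post above, as an added example that is not part of the original thread: it reads `curl -i` style output, pulls out the status code and `Location` header, and walks a redirect chain one hop at a time with a hop limit. The function names, the `.example` hosts and the canned responses are constructed for illustration; only `fetch_raw` touches the network and the demo does not call it.

```shell
#!/bin/sh
# Added example. Real fetch: headers plus body, no redirect following
# (curl's default), nothing rendered or executed. Not run by the demo below.
fetch_raw() { curl -sS -i --max-time 15 "$1"; }

# Constructed responses standing in for the network (made-up hosts).
sample_fetch() {
    case "$1" in
        http://spamvertized.example/)
            printf 'HTTP/1.1 302 Found\r\nlocation: /go\r\n\r\n' ;;
        http://spamvertized.example/go)
            printf 'HTTP/1.1 301 Moved\r\nLocation: http://shop.example/\r\n\r\n' ;;
        *)
            printf 'HTTP/1.1 200 OK\r\n\r\nLocation: text in the body\r\n' ;;
    esac
}

# stdin: raw response. stdout: "STATUS LOCATION" ("-" if no Location header).
parse_redirect() {
    awk '
        { sub(/\r$/, "") }               # tolerate CRLF line endings
        NR == 1 { status = $2; next }    # status line, e.g. "HTTP/1.1 302 Found"
        /^$/    { exit }                 # headers end here; ignore the body
        tolower($0) ~ /^location:/ { sub(/^[^:]*:[ \t]*/, ""); loc = $0 }
        END { print status, (loc == "" ? "-" : loc) }
    '
}

# Walk a redirect chain hop by hop, printing "URL STATUS" for each hop.
# $1 start URL, $2 hop limit (default 5), $3 fetch function (default fetch_raw).
trace_chain() {
    url=$1; limit=${2:-5}; fetch=${3:-fetch_raw}; hops=0
    while [ "$hops" -lt "$limit" ]; do
        result=$("$fetch" "$url" | parse_redirect)
        status=${result%% *}; target=${result#* }
        echo "$url $status"
        case "$status" in 3??) ;; *) return 0 ;; esac
        case "$target" in
            http://*|https://*) url=$target ;;
            /*) url=$(printf '%s' "$url" | sed 's|^\([a-z]*://[^/]*\).*|\1|')$target ;;
            *)  echo "stopped: no usable Location ($target)"; return 0 ;;
        esac
        hops=$((hops + 1))
    done
    echo "hop limit reached at $url"; return 1
}

trace_chain http://spamvertized.example/ 5 sample_fetch
```

Redirects done in JavaScript or in the page body do not appear in the headers, so a final 200 here only means the HTTP-level chain has ended.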

Farelf (Author) Posted May 3, 2010

> ...Here's some info on how you can use curl (or any other similar app, really) for looking at spam websites: http://www.rickconner.net/spamweb/tools-curl.html

That's great Rick, thanks. Open-source is great, some folk will touch nothing else (and with some justification).

efa Posted May 6, 2010

The 'wget' Linux tool also does the job. It can download a single web page, follow or not follow redirection, or download a whole web site with all its structure silently, cheating on web client identity, using random timeout, configurable retry, limiting depth, bandwidth, ...

wget is open source and exists already compiled for Win32 too.

JavaScript interpretation can optionally be done using:

1 - Gecko SpiderMonkey / TraceMonkey
http://en.wikipedia.org/wiki/SpiderMonk ... ipt_engine)
http://www.mozilla.org/js/spidermonkey/
It can decode all scripts. It is open source and cross-platform.

2 - WebKit JavaScript engine "SquirrelFish Extreme", abbreviated SFX
It can decode all scripts, and is open source and cross-platform too, newer and faster than SpiderMonkey.
http://en.wikipedia.org/wiki/Webkit#JavaScriptCore
http://webkit.org/

Both are under the LGPL (Library/Lesser GPL) license, which permits use in closed source code too.

You can find a list of all the engines here: http://en.wikipedia.org/wiki/JavaScript_engine

Both can decode all the JavaScript scripts because they are the real engines that are in the browsers. If spammers write the redirection with Mozilla, and hope users use Mozilla as browser, then you get the same exact results, same redirected URL.

Farelf (Author) Posted May 6, 2010

Seems like a lovely suite of tools there efa - thanks.

Farelf (Author) Posted July 2, 2013

Just installed Sandboxie, will give it a run on the occasional suspect website and e-mail attachment. The free version has just about everything needed, subject to a nag screen after 30 days, and default installation covers most of those needs - with straight-forward configuration options if more is needed.

FAQ - http://www.sandboxie.com/index.php?FrequentlyAskedQuestions

An outside introduction and quick guide recommended by Sandboxie - http://www.techsupportalert.com/content/in...e-sandboxie.htm

Sandboxie has been mentioned "here" (by member Lodewijk) before, just not in this forum section. Googling reveals an enthusiastic user base (Windows) though it is not open-source.