vipul's razor
Jeff Mcadams
jeffm at iglou.com
Thu Mar 14 15:58:32 UTC 2002
Also sprach Petr M. Swedock
>Is't possible to use this to 'poison' the catalogue: that is to say,
>how easy is it to create a denial-of-service for legitimate mail?
I'm not an expert on how Vipul's Razor does its cataloguing, but I
suspect its quite easy to do so, yes.
The man page (perldoc) for razor-report shows you how to set up a
"trolling" address that auto-submits every received email via
razor-report. Simply subscribe an address set up that way to BUGTRAQ or
other mailing lists and every BUGTRAQ post (or whatever list its
subscribed to) would be auto-submitted to razor as spam.
Then for the other people on the list that are using
razor-check...whether the post would get flagged as spam would be a race
condition...do you get your copy before the trolling address gets its
copy and gets it submitted to the catalogue?
I think the idea of the razor is good...but needs some
refinement...maybe ability to set a threshold on the number of reports
needed to flag something as spam?
--
Jeff McAdams Email: jeffm at iglou.com
Head Network Administrator Voice: (502) 966-3848
IgLou Internet Services (800) 436-4456
More information about the NANOG
mailing list