
<!--startcut ==========================================================-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html> <head>
<title> The Back Page LG #80</title>
</head>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
ALINK="#FF0000">
<CENTER>
<A HREF="http://www.linuxgazette.com/">
<H1><IMG ALT="LINUX GAZETTE" SRC="../gx/lglogo.png"
WIDTH="600" HEIGHT="124" border="0"></H1></A>
<!-- *** BEGIN navbar *** -->
<!-- *** END navbar *** -->
<P>
</CENTER>
<!--endcut ============================================================-->
<H4 ALIGN="center">
"Linux Gazette...<I>making Linux just a little more fun!</I>"
</H4>
<P> <hr> <P>
<H1><font color="maroon">The Back Page</font></H1>
<ul>
<li><a HREF="#wacko">Wacko Topic of the Month</a>
<li><a HREF="#spam">World of Spam</a>
</ul>
<a name="wacko"></a>
<P> <hr> <P>
<!--====================================================================-->
<center><H3><font color="maroon">Wacko Topic of the Month</font></H3></center>
<P> <HR> <P>
<!--======================================================================-->
<P>
<H3 ALIGN="center"><FONT COLOR="green">SpamAssassin</FONT></H3>
<P> I installed <A HREF="http://www.spamassassin.org/">SpamAssassin</A> (SA)
and instantly developed a new pastime. Even funnier than reading spam is
reading what SA has to say about it. SA is a filter daemon (or standalone
program) that reads an e-mail message and analyzes it for spam, adding a
couple headers to give its verdict. If it thinks the message is spam, it also
puts a "***SPAM***" prefix in the Subject: and adds some structured comments to
the body saying what's suspicious about the message. Those comments in the
body are where the funny parts are. SA is so amusing that I've given up my
two other recent pastimes: collecting Klez worms and Nigeria scams. I just
/dev/null the Klez worms now.
<PRE>
SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content analysis details: (16.2 hits, 5 required)
SPAM: Hit! (2.2 points) BODY: As seen on national TV!
SPAM: Hit! (1.5 points) BODY: Asks you to click below
SPAM: Hit! (0.2 points) BODY: No such thing as a free lunch (1)
SPAM: Hit! (-0.1 points) BODY: Claims you can be removed from the list
SPAM: Hit! (2.1 points) BODY: Talks about opting in
SPAM: Hit! (3.0 points) URI: Uses a dotted-decimal IP address in URL
SPAM: Hit! (0.1 points) URI: Uses non-standard port number for HTTP
SPAM: Hit! (3.5 points) URI: URL of page called "remove"
SPAM: Hit! (-0.8 points) BODY: JavaScript code which can easily be executed
SPAM: Hit! (-0.5 points) BODY: HTML mail with non-white background
SPAM: Hit! (1.8 points) BODY: Tells you to click on a URL
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM:
SPAM: -------------------- End of SpamAssassin results ---------------------
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Hit! (0.6 points) Invalid Date: header (wierd month)
SPAM: Hit! (0.5 points) BODY: A WHOLE LINE OF YELLING DETECTED
SPAM: Hit! (3.0 points) URI: Uses a dotted-decimal IP address in URL
SPAM: Hit! (-0.8 points) BODY: Image tag with an ID code to identify you
SPAM: Hit! (-0.4 points) BODY: Contains a line >=199 characters long
SPAM: Hit! (1.8 points) BODY: Tells you to click on a URL
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM: Hit! (2.0 points) Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 148.167.27.64.relays.osirusoft.com., type: 127.0.0.4]
SPAM: Hit! (3.0 points) DNSBL: sender is Confirmed Spam Source
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Hit! (1.0 point) From: ends in numbers
SPAM: Hit! (0.5 points) Subject has an exclamation mark
SPAM: Hit! (0.4 points) Subject has lots of exclamation marks
SPAM: Hit! (-0.5 points) BODY: Contains 'Dear Somebody'
SPAM: Hit! (2.7 points) BODY: Nigerian scam key phrase ($NN,NNN,NNN.NN)
SPAM: Hit! (2.4 points) BODY: Nigerian scam key phrase
SPAM: Hit! (4.3 points) BODY: Nigerian Bank or Petroleum scam, cf http://www.snopes2.com/inboxer/scams/nigeria.htm
SPAM: Hit! (2.2 points) BODY: Risk free. Suuurreeee....
SPAM: Hit! (-0.4 points) BODY: Contains a line >=199 characters long
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Hit! (4.3 points) Reply-To: is empty
SPAM: Hit! (2.4 points) 'Message-Id' was added by a relay (2)
SPAM: Hit! (2.2 points) From: has a malformed address
SPAM: Hit! (1.5 points) Message-Id is not valid, according to RFC-2822
SPAM: Hit! (1.3 points) Message-Id has no @ sign
SPAM: Hit! (0.5 points) Possibly-forged 'Received:' header found
SPAM: Hit! (2.1 points) BODY: FONT Size +2 and up or 3 and up
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Hit! (1.0 point) From: ends in numbers
SPAM: Hit! (0.5 points) Subject has an exclamation mark
SPAM: Hit! (0.4 points) Subject has lots of exclamation marks
SPAM: Hit! (0.9 points) URI: Filename is just a '\#'; probably a JS trick
SPAM: Hit! (-0.8 points) BODY: JavaScript code which can easily be executed
SPAM: Hit! (0.0 points) BODY: Includes a URL link to send an email
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM: Hit! (1.9 points) Subject is all capitals
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Content analysis details: (6.2 hits, 5 required)
SPAM: Hit! (1.1 points) BODY: Contains a large block of hexadecimal code
SPAM: Hit! (-0.6 points) BODY: Frame wanted to load outside URL
SPAM: Hit! (1.8 points) No MX records for the From: domain
SPAM: Hit! (1.9 points) Subject is all capitals
SPAM: Hit! (2.0 points) Subject contains a unique ID number
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Content analysis details: (10.1 hits, 5 required)
SPAM: Hit! (1.2 points) Valid-looking To "undisclosed-recipients"
SPAM: Hit! (0.5 points) Subject has an exclamation mark
SPAM: Hit! (0.4 points) Subject has lots of exclamation marks
SPAM: Hit! (0.2 points) BODY: Contains at least 3 dollar signs in a row
SPAM: Hit! (0.2 points) BODY: No such thing as a free lunch (1)
SPAM: Hit! (2.3 points) BODY: List removal information
SPAM: Hit! (1.9 points) BODY: List removal information
SPAM: Hit! (1.0 point) BODY: No such thing as a free lunch (3)
SPAM: Hit! (0.5 points) Forged hotmail.com 'Received:' header found
SPAM: Hit! (1.9 points) Subject is all capitals
</PRE>
<HR NOSHADE WIDTH="80%"> <!--*********************** -->
<PRE>
SPAM: Content analysis details: (12.6 hits, 5 required)
SPAM: Hit! (2.0 points) From: contains numbers mixed in with letters
SPAM: Hit! (1.0 point) From: ends in numbers
SPAM: Hit! (0.6 points) From: does not include a real name
SPAM: Hit! (2.7 points) BODY: Claims you can be removed from the list
SPAM: Hit! (1.9 points) BODY: List removal information
SPAM: Hit! (0.1 points) BODY: List removal information
SPAM: Hit! (1.3 points) URI: Includes a link to a likely spammer email address
SPAM: Hit! (-0.4 points) BODY: Contains a line >=199 characters long
SPAM: Hit! (0.5 points) Forged hotmail.com 'Received:' header found
SPAM: Hit! (1.0 point) Received via a relay in orbs.dorkslayers.com
SPAM: [RBL check: found 17.98.187.210.orbs.dorkslayers.com.]
SPAM: Hit! (1.9 points) Subject is all capitals
</PRE>
<a name="spam"></a>
<P> <hr> <P>
<!--====================================================================-->
<center><H3><font color="maroon">World of Spam</font></H3></center>
<P> <HR> <P>
<!--======================================================================-->
<P>
Well well well well well, I <EM>do</EM> declare. What's the most interesting
piece of spam this month? Tsk, tsk. (For background info about this company,
see the News Bytes column in LG #71-76.)
<PRE>
From: "ElcomSoft, Inc" &lt;elcomsoft@filedistributor.com&gt;
To: Webmaster &lt;gazette@ssc.com.SMTP.gazette@ssc.com&gt;
Date: Thu, 16 May 2002 20:24:52 +0800
Subject: Request Review for Advanced PDF Password Recovery Pro 2.0
Dear Webmaster
Our company, ElcomSoft Co. Ltd., would like to announce the release of Advanced
PDF Password Recovery Pro 2.0 for Windows 95/98/ME/NT/2000/XP. We hope you will
consider reviewing Advanced PDF Password Recovery Pro (APDFPR) for Linux Gazette.
Should you need a full version for review, please contact me at info@elcomsoft.com.
Please find the press release of Advanced PDF Password Recovery Pro below for
your information.
Warmest Regards,
Dmitry Harchenko
Marketing Manager
ElcomSoft Co. Ltd.
--------------------------------------------------------------------------------
FOR IMMEDIATE RELEASE - May 17, 2002
ElcomSoft Releases Advanced PDF Password Recovery Pro 2.0 for Windows 9x/ME/NT/2000/XP
Gain Control of PDF Files
Moscow, Russia - ElcomSoft Co. Ltd. has released Advanced PDF Password Recovery
(Professional) 2.0 for Windows ME/98/95/NT4/2000/XP. This program makes it easy
to remove both password encryption and usage restrictions from Adobe Acrobat
PDF files. APDFPR now comes with multiprocessor support, guaranteed recovery
and state-of-the-art optimization for modern processors.
With the increasing popularity of PDF formatted file, comes increasing number
of problems which occur when authors forget the passwords to their source documents.
ElcomSoft has revised version 2.0 of its Advanced PDF Password Recovery (Professional)
software to allow the seemingly impossible recovery of password for these documents.
This software package handles both owner and user passwords used to protect PDF
documents. The latest addition to ElcomSoft's family of password recovery software
allows business managers to recover lost and destroyed passwords. It also helps
in dealing with employees who, intentionally or unintentionally, are unable to
edit and print password-protected PDF files.
Finally, APDFPR is also a state-of-the-art computer forensics tool that could
be used by law enforcement, military and intelligence agencies to open secure
documents. PDF documents protected with access restrictions password can be decrypted
instantly, allowing full access to the document. For documents with "user" passwords
(that could not be opened without that password), the program blazes through
brute-force password attempts at a rate of a few hundred thousand passwords per
seconds! The code has been effectively optimized for most CPUs such as Celeron,
Pentium II, Pentium III, Duron and Athlon. More sophisticated methods are available,
such as applying all words from a dictionary. ElcomSoft's website has dictionaries
for more than 20 different languages, from English to African.
Even if the above methods fail because the password is too long and complex,
the program runs a special key search attack which gives a 100% success rate
on files with 40-bit encryption (used in all Adobe Acrobat 4 and most Acrobat
5 files). This may take some time to run, but is well worth the time if your
document is very important. If you have a dual processor system, APDFPR takes
advantage of it to double the performance of this software. On modern systems
with Athlon MP CPUs, the document can be recovered in maximum 4 days, regardless
of the password length and complexity!
System Requirements
Win 95/98/Me/NT/2000/XP, 600K free on Hard Disk.
Price
Standard Edition costs $30, Professional Edition costs $60; free trial version
is available.
About the Company
Established in 1990, ElcomSoft Co.Ltd. provides state-of-the-art computer forensics
tool development, computer forensics training and computer evidence consulting;
not only to individuals, but also to law enforcement, military and intelligence
agencies worldwide since 1997. ElcomSoft tools are also used by most of Fortune
500 corporations, many branches of the military departments all over the world,
foreign governments and all major accounting firms.
ElcomSoft Co.Ltd. and its officers are members of the Association of Shareware
Professionals (ASP), the Russian Cryptology Association, and the Microsoft Business
Connection program.
More Information
Please visit the program's homepage at
<A HREF="http://pdf.elcomsoft.com">http://pdf.elcomsoft.com</A>.
</PRE>
<HR> <!-- ************************************************************** -->
<P> Happy Linuxing!
<P> Mike ("Iron") Orr<br>
Editor, <A HREF="http://www.linuxgazette.com/"><i>Linux Gazette</i></A>, <A
HREF="mailto:gazette@ssc.com">gazette@ssc.com</a>
<BR CLEAR="all">
<!-- *** END Not Linux *** -->
<!-- *** BEGIN copyright *** -->
<P> <hr> <P>
<H5 ALIGN=center>
Copyright &copy; 2002, the Editors of <I>Linux Gazette</I>.<BR>
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 80 of <i>Linux Gazette</i>, July 2002</H5>
<!-- *** END copyright *** -->
<!-- startcut ============================================================-->
<CENTER>
<!-- *** BEGIN navbar *** -->
<!-- *** END navbar *** -->
</CENTER>
<!-- endcut ============================================================-->
</BODY></HTML>