Interesting referrer

by Volker Weber

Stefan has an interesting referrer.

watchlistTN.GIF

Comments

Looks like these are prank referrers. See Brent Simmons' weblog for more — he got the same thing:

http://inessential.com/?comments=1&postid=2462

i had the same referrer this morning...

Pepino, 2003-04-03

Also from 66.12.154.134?

Stefan Rubner, 2003-04-03

66.12.154.134 bdsl.66.12.154.134.gte.net

Network Data
Network id#: 1
GTE.net LLC VZN-DSL (NET-66-12-0-0-1)
66.12.0.0 - 66.15.127.255
Genuity DSL VZN-DSL-GEN-BLK02 (NET-66-12-128-0-1)
66.12.128.0 - 66.12.255.255

Registrant:
GTE Intelligent Network Services (GTE2-DOM)
5525 MacArthur Blvd.
IRVING, TX 75038
US

Administrative Contact:
Verizon Online (XZTJATUWFO) hostmaster@GTE.NET

Volker Weber, 2003-04-03

Also, there doesn't seem to be a server named homeland.fbi.gov.

I vote for prank, too.

Baumi, 2003-04-03

Och komm, da glaubt irgendwer noch halbwegs ernsthaft an Referer?
;-)

Wolfgang Flamme, 2003-04-03

Yes Wolfgang, some of us still like referrers, but it does pay to "take them with a pinch of salt" as they say ;-)

FWIW, the prank Brent got also originated from a GTE service.

Ben,
sorry for having switched to german above: what I meant was "someone still really believes in referrers?".
I like them, too - but I don't believe in them.

Tonight I found another issue with referrers, even if your site is not in danger because you parse URLs for tags you might keep a URLEncoded referrer log that corrupts other sites.
I described the issue here
http://www.sns1.de/partner/flamme/wflamme.nsf/Tag/2003-04-04:ReferrerNeu
but will consider this in the spam-safe routines of the blogsphere project too. Just about to write a note.

Tested it with Volker's referrer log tonight and unfortunately, although Volker's site itself doesn't seem to be vulnerable, there is a problem:
See 'www.parlament-berlin.de' referrer in Volker's referrer list, performing a redirect back to here.

Wolfgang Flamme, 2003-04-04

The note mentioned above now is available in en:
http://www.openntf.org/projects/pmt.nsf/66d9103768cc2fed85256c59006b5433 /4beaad33b01aa35d88256cfe002e502a!OpenDocument

Wolfgang

Wolfgang Flamme, 2003-04-04

Yes, I'm amazed people go on referrers to such a degree: James Duncan Davidson has just 'blogged about the FBI referrer also. I take the view that anytying can be spoofed. For example, I've had referrers from cnn.com and bbc.co.uk. Well, I know full well that my wee site hasn't featured there.

I regard referrers as a handy way of discovering new sites, nothing more, and I think ultimately, we will have to abandon them, as referrer spamming becomes more common. A pity, but there it is.

i have the same thing. hit me 3 times all with the same id at the end.

http://mike.essl.com/comments.php?id=82_0_1_0_C

mike essl, 2003-04-05

Ben,

you can trust IP due to http 3-way-handshake and the timestamp. However I know of at least one US domino hoster who's last year's logs claimed he was located somewhere in siberia (admin didn't know eastern from western longitude appearantly) so I'm not absolutely confident with respect to the timestamp...
Anything else (user_agent, referrer) can be spoofed easily.

I'm afraid referrer spam will rapidly increase, too.

- weblogs are becoming more and more popular as well as displaying ones referrers to the audience/community - an attractive way for spammers to become 'promoted'.

- referrer spamming is much more effective (thus much cheaper) than email spamming. You don't even need a high speed connection, even a modem will do fine. Another broad wave of 'get rich immediately' is awaiting us - we cannot keep track of so many IPs to block.

- there are more ways to cheat than in email spam. And cheating is much easier to do.

- there's no need to look for open relays any more or circumvent the restrictions of throwaway and freemail accounts

- victims are easier to target: eg you get an updated, ready-to-spam XML list from weblogs.com and don't need to do any email harvesting or blind mailing no more.

- it's not illegal

Yes, the hype will cease rapidly as soon as validating referrers will become common. But that might impose different threats which I'm still investigating about.

The idea of referrers is a very valuable one but it has to be replaced by a more reliable method. Unfortunately TrackBack has similar issues as I have already pointed out.

To speak the truth, I'm out of ideas at the moment.

Wolfgang Flamme, 2003-04-05

Hi Volker!
Awake, aren't you? :-)
Just wanted to find out how your code is built. If I can cheat *you* I'm sure it's an issue noone has taken care of.

OK I stop it now. Sorry for having been a p.i.t.a.

Wolfgang Flamme, 2003-04-05

Never mind. I have a very convenient way to get rid of this spam.

Volker Weber, 2003-04-05

Recent comments

Volker Weber on Lenovo Smart Clock Essential at 08:29
Stefan Niemeier on Lenovo Smart Clock Essential at 08:25
Volker Weber on Lenovo Smart Clock Essential at 21:51
David Guillaume on Lenovo Smart Clock Essential at 21:46
Richard Albury on No battery woes on Apple Watch 6 at 18:56
Stefan Pfeiffer on Apple Watch 6 :: Erste Eindrücke at 16:02
Eric Bredtmann on Leatherman Free T4 :: Das hat sich bewährt at 19:53
Volker Weber on Leatherman Free T4 :: Das hat sich bewährt at 19:36
Volker Weber on No battery woes on Apple Watch 6 at 19:25
Dominique Roller on Leatherman Free T4 :: Das hat sich bewährt at 17:03
Bernd Hofmann on No battery woes on Apple Watch 6 at 16:33
Jan Van Puyvelde on Lenovo Yoga Slim 7 i7/16/1000 :: Erste Eindrücke at 14:30
Volker Weber on Lenovo Yoga Slim 7 i7/16/1000 :: Erste Eindrücke at 13:37
Volker Weber on No battery woes on Apple Watch 6 at 13:34
Dominique Roller on No battery woes on Apple Watch 6 at 13:31
michael rother on Lenovo Yoga Slim 7 i7/16/1000 :: Erste Eindrücke at 06:40
Jan Van Puyvelde on Lenovo Yoga Slim 7 i7/16/1000 :: Erste Eindrücke at 02:22
Volker Weber on Der Solo Loop ist toll at 15:04
Manfred Wiktorin on Der Solo Loop ist toll at 13:32
Bernd Hofmann on Apple Watch 6 :: Erste Eindrücke at 12:11
Volker Weber on Apple Watch 6 :: Erste Eindrücke at 10:06
Sascha Westphal on Apple Watch 6 :: Erste Eindrücke at 08:30
Valentin Woelm on Apple Watch 6 :: Erste Eindrücke at 23:26
Jochen Kattoll on Scanning websites with Blacklight at 22:54
Markus Michalski on Jabra Firmware 2.4.5 for Evolve2 65 at 16:59

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 12:23

visitors.gif

Paypal vowe