On 1/1/11 12:19 PM, Steve Freegard wrote:
8) What UserAgent is used in the HTTP request? If they can easily
detect that the request is not a real browser, then they can avoid
detection by using a safe looking fake response, while browser-based
redirects go to the intended spam target.
Currently the default used by the LWP module. Could easily set it to
use an identical string to Firefox or IE.
and, on occasion, our IPS will tarpit, or delay, or totally block
anything that hits the web servers more than a couple of times with LWP
(or java lib), assuming its a spammer using LWP to harvest web sites for
email addresses, so, changing it would be good.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
