Posted by John Taylor-Johnston on 09/04/05 20:22

For badness, you could have an automated gif with a couple of numbers
the user has to authenticate the form. If not complete or correct, add a
header and send them to http://localhost/404.htm. Real nasty and will
tie up their machine long enough.
John


Brian Dunning wrote:

> Hi all -
>
> I have forms on a number of unrelated web sites that just send me an
> email for one purpose or another. There are 2 to 6 fields: name,
> email, comment, etc. No big deal.
>
> Recently I've been getting a lot of weird submissions. I'll receive
> half a dozen at a time, with all the fields filled with some kind of
> garbage contents. Here is one example from a form on my
> americansubstandard.com site:
>
> ---snip---
> COMMENT: ngeiszka@americansubstandard.com
> NAME: ngeiszka@americansubstandard.com
> ---/snip---
>
> Other times one of the fields will contain a complete multipart
> submission, like this:
>
> ---snip---
> COMMENT: jhynvyf@americansubstandard.com
> NAME: jhynvyf@americansubstandard.com
> Content-Type: multipart/mixed; boundary=\"===============1655480186==\"
> MIME-Version: 1.0
> Subject: e8df6b7
> To: jhynvyf@americansubstandard.com
> bcc: jrubin3546@aol.com
> From: jhynvyf@americansubstandard.com
> This is a multi-part message in MIME format.
> --===============1655480186==
> Content-Type: text/plain; charset=\"us-ascii\"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> xqofli
> --===============1655480186==--
> ---/snip---
>
> I wonder if this is some kind of automated attack attempt. Does
> anyone recognize this type of thing, and is it potentially dangerous?
> Should I do something about it?
>
> - Brian

[Back to original message]