For badness, you could have an automated gif with a couple of numbers
the user has to authenticate the form. If not complete or correct, add a
header and send them to http://localhost/404.htm. Real nasty and will
tie up their machine long enough.
John
Brian Dunning wrote:
Hi all -
I have forms on a number of unrelated web sites that just send me an
email for one purpose or another. There are 2 to 6 fields: name,
email, comment, etc. No big deal.
Recently I've been getting a lot of weird submissions. I'll receive
half a dozen at a time, with all the fields filled with some kind of
garbage contents. Here is one example from a form on my
americansubstandard.com site:
---snip---
COMMENT: ngeiszka@xxxxxxxxxxxxxxxxxxxxxxx
NAME: ngeiszka@xxxxxxxxxxxxxxxxxxxxxxx
---/snip---
Other times one of the fields will contain a complete multipart
submission, like this:
---snip---
COMMENT: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
NAME: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
Content-Type: multipart/mixed; boundary=\"===============1655480186==\"
MIME-Version: 1.0
Subject: e8df6b7
To: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
bcc: jrubin3546@xxxxxxx
From: jhynvyf@xxxxxxxxxxxxxxxxxxxxxxx
This is a multi-part message in MIME format.
--===============1655480186==
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
xqofli
--===============1655480186==--
---/snip---
I wonder if this is some kind of automated attack attempt. Does
anyone recognize this type of thing, and is it potentially dangerous?
Should I do something about it?
- Brian
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
