[X Newbies] Vicious Spam
Vincent Cayenne
vcayenne at mac.com
Mon Jan 26 10:35:18 PST 2004
At 11:55 AM -0600 1/26/04, Michael Winter wrote:
>><http://www.fdic.gov@211.191.224.108:3180/index.htm>
>
>See the @211.191.224.108? The "@" means the numerical IP address is
>the one being used, and anything in front of that is simply data
>being sent along for the ride.
Actually, for protected areas of a site requiring login, a legitimate
URL construct is http://username:password@actual.site.address, so web
servers "see" the URL we're looking at a little differently from the
way many would suspect. The http:// is standard, then the entire bit
before the @ would be passed as a login and the stuff between the @
and the : is the site address. After the second : comes the port on
that machine that's being accessed - usually it is port 80 and does
not have to be specified as that's the default but they're running
their server on 3180 instead. The rest is the specific document on
that server that is being retrieved for display by the browser.
>That's how some sites determine who "refers" the browser to them
>(mostly used for ads). In this case though, it's simply being used to
>obfuscate the actual address.
Yes, they're using a valid URL construct that is obscure to many
people so that even if recipients go beyond the underlined URL in
their HTML mail display and actually look at the real address, many
might look no further than the portion before the @ and that portion
has nothing to do with the destination.
--
Any sufficiently advanced technology is indistinguishable from magic.
- Arthur C. Clarke
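
Added example, not part of the original message: a short Python check that splits a URL the way the reply describes (login data before the @, then host, then port, then document) and flags the signs of this trick. The function name `inspect_url` and the finding labels are assumptions made for illustration; the first sample URL is the one quoted in the thread.

```python
from urllib.parse import urlsplit
import ipaddress
import re

# Text shaped like a domain name, e.g. "www.fdic.gov" (illustrative heuristic).
HOSTLIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)
DEFAULT_PORTS = {"http": 80, "https": 443}

def inspect_url(url):
    """Return the real destination of a URL plus reasons it may mislead a reader."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    findings = []
    userinfo = None
    if "@" in parts.netloc:
        # Everything before the last "@" is login data, never the destination.
        userinfo = parts.netloc.rpartition("@")[0]
        findings.append("userinfo-present")
        user = userinfo.split(":", 1)[0]
        if HOSTLIKE.match(user):
            # A "username" that reads like a site name is there to fool the eye.
            findings.append("userinfo-looks-like-hostname")
    try:
        ipaddress.ip_address(host)
        findings.append("host-is-ip-literal")
    except ValueError:
        pass  # host is a name, not a numeric address
    default = DEFAULT_PORTS.get(parts.scheme)
    if parts.port is not None and parts.port != default:
        findings.append("non-default-port")
    return {
        "userinfo": userinfo,
        "host": host,
        "port": parts.port or default,
        "path": parts.path,
        "findings": findings,
    }

if __name__ == "__main__":
    samples = [
        "http://www.fdic.gov@211.191.224.108:3180/index.htm",  # from the thread
        "http://username:password@actual.site.address/",       # legitimate login form
        "https://www.example.com/index.htm",                   # constructed, plain URL
    ]
    for s in samples:
        print(s, "->", inspect_url(s))
```
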