spamCle@ner.org > Various Links, spam museum, programs and various articles. Links : Antispam : Arobase.org (french) : e-mail from A to Z, this website is fully dedicated to internet messaging (softwares, services, how-to's) and of course, a large section about spam. spamcleaner.net (french & english) : spamCle@ner.org's big sister (and sponsor) ! The most complete antispam toolkit available : ASP filtering, POP3, IMAP, POP3/SSL and IMAP/SSL compatibility, fully personalised configuration with a lot of advanced options and tough filtering rules, disposeable emails and tons of features. Free 7-Day trial. Spam Links (english) : probably the biggest antispam portal with a huge amount of spam-related links. Divers : The Free Software Foundation (french & english) : f-r-e-e as in 'free speech' not as in 'free beer'. Small spam museum : A small serie of spams. The most dyslexic one The least random one The most beautiful ones The most inattentive one The most idiotic one The most honest one The most variable one The least stupid one The loooooooongest one The most sparing one Programs : Security : Windows : spamMonitor spamMonitor is a small program to detect if your computer is sending spams, in case of a virus/rootkit infection. It displays an alert each time an outgoing SMTP connection is established from your PC and gives you all details about such a connection (program, PID, remote IP...). Entirely written in assembly language, it is fast, small (only 20 Kb) and requires very little system resources. It is free, distributed under the Gnu GPL and its source code is available for download. Security : Linux : Floodmon Floodmon is a small Perl daemon used to monitor a server and to detect SYN flood attacks, to alert the administrator and to mitigate the attack in order to allow legitimate connections to succeed (HTTP, POP3, SMTP...). It includes a passive and active defense system able to adjust itself according to the attack magnitude. Security : Linux : Killcx Killcx is a Perl script to close a TCP connection under Linux, whatever its state is (half-open, established, waiting or closing state). Security : Windows : wKillcx wKillcx is a small command-line utility to close any TCP connection under Windows XP/Vista/Seven as well as Windows Server 2003/2008. The source code (assembly language) is included with the binary. Security : Linux : Jamd Tarpit for port scanners, spammers, script-kiddies and various DoS attacks (slowloris). Various articles : E-mail, antispam and security. Anti-spam: how to get rid of referer spam They love to fill our server logs with links pointing to their websites to improved their page ranking. As they like to eat our bandwidth, we will eat theirs. Anti-spam : how to get rid of spam bots They are evil, stupid and love to crawl websites in order to steal and swallow every single email they can find : let's please and feed them ! Anti-spam : how to protect your blog/forum from comment spam Many webmasters do not want to protect their blog or forum with a CAPTCHA test, or to use external filtering services, in order not to bother too much their users. However, they are all facing the same problem : blog spams (AKA comment spams). We'll see how we can get rid of them using different tips and tricks, even very simple ones, so that those spambots will belong to the past and, of course, in a fully transparent manner for your visitors. Security : Linux : making a bootable USB drive Making a bootable USB drive with a mini version of Linux and using it to repair our system or restore our MBR (Master Boot Record) is an easy task we tend to forget when everything is working well. But as everything may not always be working well, it is better to be safe than sorry. Security : Linix : USB on-the-fly encryption After turning a USB drive into a Swiss Army Knife, we can use all the space left and turn it into a Fort Knox area. Starting from kernel 2.6 we can quickly and safely encrypt disks and any removable device with dm-crypt. It is so easy to loose a USB key (all thus all its data) that it is worth the (very small) pain to protect it. Security : Linux : using iptables string-matching filter to block vulnerability scanners. Does "w00tw00t.at.ISC.SANS.DFind:)" sound familiar to you ? If you administrate one ore more servers, there are a lot of chances you found it in your logs and that it gave you headaches or even nightmares trying unsuccessfully to get rid of it. Security : Linux : communication between mod_security and iptables to block IP's iptables and mod_security are both very useful applications to protect a server but they cannot communicate with each other to block IP's in real time, mod_security being an apache module, it inherits its privileges. However, it is easy to solve this problem with a simple client/server written in Perl. Security : Linux : HTTP DDoS/flood attacks mitigation with ModSecurity ModSecurity is a module most often used only for string/pattern matching. We will see that it can also do much more than that and be used, for instance, to mitigate or block HTTP floods in an even more effective manner than modules like mod_evasive. Security : Linux : adding comments to iptables rules While viewing all iptables rules from a terminal, it can be a pain to try to remember their meaning. Fortunately, a module can be used to add your own comments. Security : Linux : LiteSpeed webserver monitoring with Munin-node Three plugins to monitor LiteSpeed HTTP webserver with Munin-node.