Page tree
Skip to end of metadata
Go to start of metadata

In the beginning there was mail spam. This kind of spam did not require very much to stop - once a mail server was sending junkmail, the sender was controlled by a DNS resolver that it was not blacklisted somewhere by the simple, as we know it, 127.0.0.X-validation. There was no need for anything else. The time passed and suddenly posting data anonymous on webforums, usenet and other form of social media via broken proxies became very popular. This DNSBL project is based on a webforum, created during the year 2006 and this is probably the first time that we, our crew, experienced hate speech on web forums which took place over anonymous proxies. The web forum itself was hosted by Kanal 5, a swedish TV-channel where discussions was mostly about the contestants in "Big Brother" that was very popular. The era of trolling was quite new born (at least at forums) and sometimes people that wanted to look bigger than they was figured out that they could clone themselves via proxies. If the haters could convince others that their fan club was bigger, they could also influence final results of their attacks. Even if there was only one person behind the hate speech.

This formed a method to stop spammer via other channels than SMTP. A part of the ongoing traffic was hosted via IRC. Checking proxies at IRC levels was quite easy, since the lookup was made once during the initial connection. At this moment, there was a project - BOPM (Blitzed Open Proxy Monitor - that had special client to look up and check every single connection on the irc server. However, there was no proper solution for http traffic and http traffic was different to the other protocols, since lookups had to be made each time an access to the webserver was made. This also caused a very high amount of DNS traffic, even if most of the traffic was cached at the DNS point.

Tornevall Networks started to think of migrating a solution into web spaces, based on BOPM. So it all started with simple DNS lookups and the problem, described above, hit this service when about half of the show had went on: The more scandals that popped up in the show, the more visitors joined the forum and the hits, combined with DNS lookups, made the forum go slow. Trying to block the trolling also had a system that tried to trace the proxies back to the original poster. The idea of cache all resolving into completely local lookups created which created an extra protective layer between the web servers and the DNS servers. Once the lookup was made via the DNS resolvers, the rest of the lookups went through a local database and most of the problems disappeared.

Somewhere in then ending of may 2006, this project was initialized as an open source project and plugins was released at sourceforge for the CMS tool e107, vBulletin with stand alone code. A new era of internet abuse was about to take place.

  • No labels