but hear me out. I have a plan!
One of my community sites is getting slammed by zombies and bots spamming the referrers. We're talking 1,000's of hits by each IP(and on average, there's 1-200 at a time) every hour, and instead of spamming referrers, they're becoming a low grade DoS attack. I'm using .htaccess to block the majority of them, but as they get stopped, they modify the URL's to get around the blocks people create daily. Also it burns up the server resources doing this. It's easy to block viagra-is-cheap-at-my-store.info, so they've begun hijacking college blogs, and posting their ads on .edu servers, with URL's that don't contain the keywords(mycollegeiscool.edu/dissertation/document/10004389/abc123). Luckily, I can block .edu on this site without much impact to the traffic, but they'll change to something else that I can't block so easily.
So here's why I've told you all of this:
All of the domains are registered under bogus information. I've checked about 20 of them now, and all of them are registered to different aliases, but they all point to the same server
, located in Ft. Lauderdale, in the land of God's waiting room.
So, why hasn't someone come up with a client that will take the current list of servers that are housing the sites that spam of all forms point to, and simply allow the user to utilize their idle time sending bogus requests to these servers, doing in effect the very same thing they're doing to sites like mine, as well as millions of others?
Now, we could get into all kinds of philosophical debates concerning this, and I'd rather talk about the feasibility of the idea, but I know you guys, so I'll warm you up.
1) It's not illegal to connect to a website. That's why they can't do anything to people that flood your logs with referrer spam. You can't in trouble for it, so the legal issue is moot.
2) If you're going to tell me that it's not fair to the carriers to use their B/W for something like this, I will tell you that it is the lesser of two evils. They're using more B/W if allowed to go unchecked, they're causing loss of income, they are turning the web into a worldwide filing cabinet of **** you don't want to see and they're ugly.
3) Sure, they'll move networks, and set up shop again. People will also continue smoking crack while having sex with their relatives and shooting their neighbors. It doesn't mean we should just sit back and allow it to go unchecked. The harder it is to do, the less people there are that want to do it.
Ok, with that out of the way, here's what not to do: It can't have a central repository(website) in which services are provided, updated or data transferred. I think it would have to be more like a torrent system that would allow the network to shift keeping any one IP from becoming a target. You all probably remember the spam service that got DoS'ed out of business because one of the spammers wanted his mail off the block list? The dude went through 3 months of crap before he finally gave up. If you have a static location, there is absolutely no way to make yourself bullet proof. But what if it was a floating IP? How in the hell are you going to stop it? Run the client through blind proxies and have a party!
Your thoughts gents. This will be filed under "Cool things that will never go farther than this forum", but I'm curious to see what ideas come from it.