News site hit by trackback spam

Tom Espiner ZDNet.co.uk

Published: 21 Mar 2007 15:10 GMT


Companies have been warned of potential difficulties with trackbacks on their websites after an outbreak of trackback spam — which pointed to adult sites — hit a Filipino news site late last week.

The Newsbreak.com.ph site was targeted on Friday, prompting staff to disable the site for nine hours. "The spammers used the trackback feature to flood our site with links to various porn sites," said a Newsbreak.com article. "We found over 27,000 trackbacks."

A trackback is a form of link used on news sites and blogs to identify referrer sites. Trackbacks allow website administrators to see who has linked to their sites, and also allow readers to find related links. To track back, the site needs a referrer — the URL that an HTTP look-up is supposed to be coming from — and a user agent — an identifier for a piece of software that connects to a network, usually a web browser.

The problem is that both referrer and identifier are easy to fake. Faking is achieved by writing a small piece of software that sends false information in the header as a request to the server.

Spammers can use trackbacks to hyperlink postings on legitimate sites to sites of their choice. Some spammers link to phishing sites, or overwhelm a blog server with trackback spam in a distributed denial of service (DDoS) attack.

Trackback spam is difficult to deal with, because trackback is not necessarily tied to registration on a site, and even if it is, spammers need only to register to spam the site. It's possible to have trackback spam filters, but they operate by looking for common terms, which can generate a lot of false positives and negatives.
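The weakness of term matching can be seen in a small filter run over labelled pings. This is an added example, not code from the article or from Newsbreak; the blocklist and sample pings are constructed, and the field names (title, url, excerpt, blog_name) are assumed from the TrackBack specification rather than taken from the article.

```python
import re
from urllib.parse import parse_qs

# Constructed blocklist for illustration; production lists are far larger.
BLOCKED_TERMS = {"porn", "xxx", "casino", "viagra"}
# Ping fields per the TrackBack specification (assumption: not named in the article).
TEXT_FIELDS = ("title", "excerpt", "blog_name", "url")


def parse_ping(body):
    """Decode a form-encoded trackback ping into a flat dict."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def matched_terms(ping):
    """Return the blocked terms that appear as whole words in the ping."""
    text = " ".join(ping.get(f, "") for f in TEXT_FIELDS).lower()
    return set(re.findall(r"[a-z0-9]+", text)) & BLOCKED_TERMS


def evaluate(samples):
    """Compare filter verdicts with the known labels of each sample."""
    counts = {"true_pos": 0, "false_pos": 0, "true_neg": 0, "false_neg": 0}
    for label, body in samples:
        flagged = bool(matched_terms(parse_ping(body)))
        if flagged:
            counts["true_pos" if label == "spam" else "false_pos"] += 1
        else:
            counts["false_neg" if label == "spam" else "true_neg"] += 1
    return counts


# Constructed sample pings (label, request body); not captured traffic.
SAMPLES = [
    ("spam", "title=Free+xxx+pics&url=http%3A%2F%2Fspam.example%2F&excerpt=porn"),
    # Same pitch with digits swapped in: no listed term matches.
    ("spam", "title=Fr33+p0rn+p1cs&url=http%3A%2F%2Fspam.example%2Fa&excerpt=cl1ck"),
    # Legitimate news commentary that happens to use a listed word.
    ("ham", "title=Senate+debates+casino+licensing&url=http%3A%2F%2Fblog.example%2Fp"
            "&excerpt=Our+take+on+the+report&blog_name=Policy+Notes"),
    ("ham", "title=Election+roundup&url=http%3A%2F%2Fblog.example%2Fq&excerpt=Links"),
]

if __name__ == "__main__":
    print(evaluate(SAMPLES))
```

Of the four pings, the filter gets two right, blocks one legitimate link and passes one spam link, which is why term lists are usually paired with other signals before a ping is rejected.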

Graham Cluley, senior technology consultant for Sophos, warned that trackbacks are increasingly being exploited. "It's a shame that an innovative technology like trackback should be so widely abused," said Cluley.

Newsbreak has now suspended the trackback feature of its site, and users are being asked to log in before posting any comments. Newsbreak added that it is raising the level of its site security.
