textfiles/magazines/ANUS/anus31337.txt


               <<<< TH33 WAR3Z 3L33T PR3Z3NTZ >>>>
		 
                 REFLECTOR BOMBING: MAIL MAYHEM
			
                     << WRITTEN BY GOAT >>
				
                            25Sep96
					   
        <<<  KALL TH33 WAR3Z 3L33T: www.anus.com/31337/ >>>
	 
                              666
						 
I. Introduction
II. Reflector Bombs
III. Impact
IV. Disadvantages
V. Legal

Introduction
------------

Most people mail bomb like lame fiends.  They fire up Eudora and attach
a few large GIFs to it with names like ASSHOLE and FUCKFACE and then 
let it fire when they go to bed.  It sends these huge files which if
they make it past the firewall and don't bounce will slam home into
their target's mailbox, forcing an additional 17 minutes of download
time on a 28.8k modem.

While this is an emotionally honest approach and is probably not a 
crime, this is completely ineffective mailbombing. It doesn't strike
to the heart of the matter which is to bloat the mailbox of the 
victim and to hopefully crash their feeble mailer (which, if they're
using the consumer jokeware that the NWO lets us have, Mac or PC, is
bound to occur). There is no vengeance, no force of will, no balls.

Similarly I feel mail floods or forwarding of USENET posts through
anonymous remailers have no guts.  Your victim isn't going to suffer
because oh my god, you mailed them your /tmp.  They suffer because 
they realize the strike against them and its temporary overwhelming
of the system as a manifestation of the world rejecting their needs
while being annoyed enough to become a temporarily sadistic master,
and so they cling to it and often become quite psychologically 
deranged. The damage of mailbombing occurs in a victim's social
sense of self-esteem more than in his or her mailbox.

Your goal is to push the victim to the edge of self-doubt.  How much
does the world hate him/her?  Enough to pave a mailbox in a vicious
mannner, a better kind of mailbomb: the reflector bomb!

Before we begin, let me state two things: 1) I have never seen 
reference to this before in any hacker literature and 2) HAVE 
PHUN BUT D0NT GET KAUGHT!!1!!!.

Reflector Bombs
---------------

The reflector bomb works on the simple principle that mail sent with
spoofed addresses will bounce to the victim.  Its particular agent is
the BCC line, which enables the mailbomber to list any number of fake
addresses on diverse servers for greater inefficiency of routing, 
leading to a wider variety of incoming paths to the target.

For example, my victim, billg@microsoft.com, would probably NOT
elect to send this message:

To: bounce_my_ass@neosoft.com
From: billg@microsoft.com
Reply-To: billg@microsoft.com
BCC: bounce_me@whitehouse.gov, bounce_me@wired.com, 
bounce_me@chron.com, bounce_me@xs4all.nl

Dear Bill,

BOING!

-- TH33 M4DD H4KK3R
/s
.s
/es
/quit
shit
^G^C^H^X^X


...but this message isn't very extreme; only four bcc addresses and one
primary recipient will bounce this message.  It's important to pick a 
server for primary recipient pretty far removed from all other hosts. 
To know how this works, it's important to understand some basic 
networking.

When a host receives mail - from either inside of its domain or from
an external forward (by Internet courtesy-anarchy socialist system of
packet travel most SMTP hosts accept traffic from any other host) - the
receiving host looks at the host in each address and attempts to route
mail appropriately, or detect the beginning stage of a likely path for
the mail and then to forward it on.  

The more diverse the pathways you pick through the Internet, the more
individuality given to these messages so that they arrive at different
times through different size servers.  This eliminates mail clumping,
where one host will service fiftteen forwards and generate only one 
bounce message, and encourages a chaotic disparity in sizes and 
frequency.  The unevenness of this attack makes it more effective on
sites with mail filters than any form of direct assault.

How to put this into execution?  First make your bounce hosts list, and
list 20-60 hosts across your home country that you know have differing 
connection speeds and diverse topology.  Then, find an open SMTP host 
preferrably one which does not transfer the hostname of the originating 
host in the headers of each mail message.  

For bounce hosts, I recommend using major providers and reasonably 
sized ISPs.  Panix.com, xnet.com, neosoft.com, netcom.com, ici.net,
worldnet.att.net, gnn.com, well.com and others provide a good balance
of span and power of return serve.  Reasonably large hosts have t1 or
t3 access and can fire back your little packages at high speed.

For SMTP hosts, I like to use the fast but older servers that usually
back the ISPs that major pornography providers use.  Cheap, obscure,
and rarely critical, these machines are usually large cheesy UNIX boxes
that pump out return mail like vitriolic ejaculate.  When traffic's not
too high on the web server, they will accept your load and pass it on 
at mediocre-to-fast speed, spreading its initial delivery over an 
erratic time span.  

Then put together your bomb.  I use mostly disposable PPP accounts, and
for that the best tool is a newsreader called Free Agent that lets you
doctor headers and attachments of flexible line length.  That final 
flexibility produces an nasty flood side to this diarrhetic spew.

To: fuck_me_jesus@vivid.com
From: billg@microsoft.com
Subject: Bombing your ass!
BCC: dipshit@ici.net, dipshit@xnet.com, dipshit@panix.com, 
dipshit@neosoft.com, dipshit@mindspring.com, dipshit@nortel.com, 
dipshit@aol.com, dipshit@beachnet.com, dipshit@msn.com, 
dipshit@netcom.com, dipshit@roadrunner.com, dipshit@sgi.com

Attachment: n3230b4.exe

In this case, I would split the file into 500 line segments, which
produces a decent flood of messages that bounce in bizarre angles 
because of load.  Boom-boom-boom slamming home?  No, more like random
sizes and chunks of forwarded, clumped, bounced, and third-party reject
messages.  If you feel particularly nasty, you should cut the size to 
100 line bombs; then you're really raining on their parade!

The only approach to doing this in UNIX is to write a script, which 
could be done pretty easily if you have some sockets programming 
experience.  I leave that detail to others more inclined toward this 
type of activity.

Impact
------

What's the damage?  The power of this method is that it amplifies
your limited bandwidth by creating a source of more than one bounce
per message, automatically giving you a potent tool for intensifying 
whatever damage you do.

However, this still probably isn't much.  I think mailbombing has only
psychological effect at this point, and perhaps not even that if the 
site filter has advanced inferencing.  But if you're going to mailbomb,
do it right!

So you send out a five-megabyte file (overnight on your 28.8k modem)
in 900-line segments to 40 bounce addresses.  That's probably about 51
messages per bounce host, so 30-40 bounces per time times that is quite
a slam.  Not that 1500 messages of varying size are going to shut 
anyone down, only perhaps cause the provider to bounce all mail to the
account.

The novice with the PPP account is the ideal victim: desperate, he 
either calls tech support or leaves his modem on for three days 
downloading all the stuff.  There's no magic bullet here, only 
a more effective way.  

The furthest extension of effectiveness with this method is
paradoxically not the user, but the host of the user. If you find
out that the Vatican or Israeli torture squad has left open an
email address on a host of theirs, consider having a friend or
two engage in this attack. I've personally seen several ISPs and
at least a dozen political sites cave with this form of attack.

Disadvantages
-------------

The weakness in this is the logging capacities of hosts and the
tendency of SMTP forwarding hosts to put the name/IP address of the
transferring host in the mail headers.  This makes it pretty easy for
any reasonably informed halfwit to figure out where the material's 
coming from; take off the final octet from the IP address and do a 
whois remainder.* and see what comes up.  Some ISP - big surprise - 
write postmaster message in wrath of righteous fury.

While most of us find this weak attitude sniveling and irritating, we
can only comment that it is effective in reducing your account to 
inactive status, which is the equivalent of a prematurely melted 
penis for any hacker.  So keep this in mind and work to use pretty
shabby hosts, or keep generating fakes for easy use.

Disclaimer
----------

LEGAL NOTICE: If you use this information for any action then the 
consequences are your own and not mine or those of any person 
serving to you this information.  This file is written for 
informational purposes only in full knowledge that both the good guys 
(hackers) and the bad guys (corporate software cocaine whores) will 
read this, and make changes in their behavior as a consequence.

COPYFREE 1996 TH3 WAR3Z 3L33T
www.anus.com/etc/31337/
[E0F]
Initial commit 2021-04-15 11:31:59 -07:00
			`<<<< TH33 WAR3Z 3L33T PR3Z3NTZ >>>>`

			`REFLECTOR BOMBING: MAIL MAYHEM`

			`<< WRITTEN BY GOAT >>`

			`25Sep96`

			`<<< KALL TH33 WAR3Z 3L33T: www.anus.com/31337/ >>>`

			`666`

			`I. Introduction`
			`II. Reflector Bombs`
			`III. Impact`
			`IV. Disadvantages`
			`V. Legal`

			`Introduction`
			`------------`

			`Most people mail bomb like lame fiends. They fire up Eudora and attach`
			`a few large GIFs to it with names like ASSHOLE and FUCKFACE and then`
			`let it fire when they go to bed. It sends these huge files which if`
			`they make it past the firewall and don't bounce will slam home into`
			`their target's mailbox, forcing an additional 17 minutes of download`
			`time on a 28.8k modem.`

			`While this is an emotionally honest approach and is probably not a`
			`crime, this is completely ineffective mailbombing. It doesn't strike`
			`to the heart of the matter which is to bloat the mailbox of the`
			`victim and to hopefully crash their feeble mailer (which, if they're`
			`using the consumer jokeware that the NWO lets us have, Mac or PC, is`
			`bound to occur). There is no vengeance, no force of will, no balls.`

			`Similarly I feel mail floods or forwarding of USENET posts through`
			`anonymous remailers have no guts. Your victim isn't going to suffer`
			`because oh my god, you mailed them your /tmp. They suffer because`
			`they realize the strike against them and its temporary overwhelming`
			`of the system as a manifestation of the world rejecting their needs`
			`while being annoyed enough to become a temporarily sadistic master,`
			`and so they cling to it and often become quite psychologically`
			`deranged. The damage of mailbombing occurs in a victim's social`
			`sense of self-esteem more than in his or her mailbox.`

			`Your goal is to push the victim to the edge of self-doubt. How much`
			`does the world hate him/her? Enough to pave a mailbox in a vicious`
			`mannner, a better kind of mailbomb: the reflector bomb!`

			`Before we begin, let me state two things: 1) I have never seen`
			`reference to this before in any hacker literature and 2) HAVE`
			`PHUN BUT D0NT GET KAUGHT!!1!!!.`

			`Reflector Bombs`
			`---------------`

			`The reflector bomb works on the simple principle that mail sent with`
			`spoofed addresses will bounce to the victim. Its particular agent is`
			`the BCC line, which enables the mailbomber to list any number of fake`
			`addresses on diverse servers for greater inefficiency of routing,`
			`leading to a wider variety of incoming paths to the target.`

			`For example, my victim, billg@microsoft.com, would probably NOT`
			`elect to send this message:`

			`To: bounce_my_ass@neosoft.com`
			`From: billg@microsoft.com`
			`Reply-To: billg@microsoft.com`
			`BCC: bounce_me@whitehouse.gov, bounce_me@wired.com,`
			`bounce_me@chron.com, bounce_me@xs4all.nl`

			`Dear Bill,`

			`BOING!`

			`-- TH33 M4DD H4KK3R`
			`/s`
			`.s`
			`/es`
			`/quit`
			`shit`
			`^G^C^H^X^X`


			`...but this message isn't very extreme; only four bcc addresses and one`
			`primary recipient will bounce this message. It's important to pick a`
			`server for primary recipient pretty far removed from all other hosts.`
			`To know how this works, it's important to understand some basic`
			`networking.`

			`When a host receives mail - from either inside of its domain or from`
			`an external forward (by Internet courtesy-anarchy socialist system of`
			`packet travel most SMTP hosts accept traffic from any other host) - the`
			`receiving host looks at the host in each address and attempts to route`
			`mail appropriately, or detect the beginning stage of a likely path for`
			`the mail and then to forward it on.`

			`The more diverse the pathways you pick through the Internet, the more`
			`individuality given to these messages so that they arrive at different`
			`times through different size servers. This eliminates mail clumping,`
			`where one host will service fiftteen forwards and generate only one`
			`bounce message, and encourages a chaotic disparity in sizes and`
			`frequency. The unevenness of this attack makes it more effective on`
			`sites with mail filters than any form of direct assault.`

			`How to put this into execution? First make your bounce hosts list, and`
			`list 20-60 hosts across your home country that you know have differing`
			`connection speeds and diverse topology. Then, find an open SMTP host`
			`preferrably one which does not transfer the hostname of the originating`
			`host in the headers of each mail message.`

			`For bounce hosts, I recommend using major providers and reasonably`
			`sized ISPs. Panix.com, xnet.com, neosoft.com, netcom.com, ici.net,`
			`worldnet.att.net, gnn.com, well.com and others provide a good balance`
			`of span and power of return serve. Reasonably large hosts have t1 or`
			`t3 access and can fire back your little packages at high speed.`

			`For SMTP hosts, I like to use the fast but older servers that usually`
			`back the ISPs that major pornography providers use. Cheap, obscure,`
			`and rarely critical, these machines are usually large cheesy UNIX boxes`
			`that pump out return mail like vitriolic ejaculate. When traffic's not`
			`too high on the web server, they will accept your load and pass it on`
			`at mediocre-to-fast speed, spreading its initial delivery over an`
			`erratic time span.`

			`Then put together your bomb. I use mostly disposable PPP accounts, and`
			`for that the best tool is a newsreader called Free Agent that lets you`
			`doctor headers and attachments of flexible line length. That final`
			`flexibility produces an nasty flood side to this diarrhetic spew.`

			`To: fuck_me_jesus@vivid.com`
			`From: billg@microsoft.com`
			`Subject: Bombing your ass!`
			`BCC: dipshit@ici.net, dipshit@xnet.com, dipshit@panix.com,`
			`dipshit@neosoft.com, dipshit@mindspring.com, dipshit@nortel.com,`
			`dipshit@aol.com, dipshit@beachnet.com, dipshit@msn.com,`
			`dipshit@netcom.com, dipshit@roadrunner.com, dipshit@sgi.com`

			`Attachment: n3230b4.exe`

			`In this case, I would split the file into 500 line segments, which`
			`produces a decent flood of messages that bounce in bizarre angles`
			`because of load. Boom-boom-boom slamming home? No, more like random`
			`sizes and chunks of forwarded, clumped, bounced, and third-party reject`
			`messages. If you feel particularly nasty, you should cut the size to`
			`100 line bombs; then you're really raining on their parade!`

			`The only approach to doing this in UNIX is to write a script, which`
			`could be done pretty easily if you have some sockets programming`
			`experience. I leave that detail to others more inclined toward this`
			`type of activity.`

			`Impact`
			`------`

			`What's the damage? The power of this method is that it amplifies`
			`your limited bandwidth by creating a source of more than one bounce`
			`per message, automatically giving you a potent tool for intensifying`
			`whatever damage you do.`

			`However, this still probably isn't much. I think mailbombing has only`
			`psychological effect at this point, and perhaps not even that if the`
			`site filter has advanced inferencing. But if you're going to mailbomb,`
			`do it right!`

			`So you send out a five-megabyte file (overnight on your 28.8k modem)`
			`in 900-line segments to 40 bounce addresses. That's probably about 51`
			`messages per bounce host, so 30-40 bounces per time times that is quite`
			`a slam. Not that 1500 messages of varying size are going to shut`
			`anyone down, only perhaps cause the provider to bounce all mail to the`
			`account.`

			`The novice with the PPP account is the ideal victim: desperate, he`
			`either calls tech support or leaves his modem on for three days`
			`downloading all the stuff. There's no magic bullet here, only`
			`a more effective way.`

			`The furthest extension of effectiveness with this method is`
			`paradoxically not the user, but the host of the user. If you find`
			`out that the Vatican or Israeli torture squad has left open an`
			`email address on a host of theirs, consider having a friend or`
			`two engage in this attack. I've personally seen several ISPs and`
			`at least a dozen political sites cave with this form of attack.`

			`Disadvantages`
			`-------------`

			`The weakness in this is the logging capacities of hosts and the`
			`tendency of SMTP forwarding hosts to put the name/IP address of the`
			`transferring host in the mail headers. This makes it pretty easy for`
			`any reasonably informed halfwit to figure out where the material's`
			`coming from; take off the final octet from the IP address and do a`
			`whois remainder.* and see what comes up. Some ISP - big surprise -`
			`write postmaster message in wrath of righteous fury.`

			`While most of us find this weak attitude sniveling and irritating, we`
			`can only comment that it is effective in reducing your account to`
			`inactive status, which is the equivalent of a prematurely melted`
			`penis for any hacker. So keep this in mind and work to use pretty`
			`shabby hosts, or keep generating fakes for easy use.`

			`Disclaimer`
			`----------`

			`LEGAL NOTICE: If you use this information for any action then the`
			`consequences are your own and not mine or those of any person`
			`serving to you this information. This file is written for`
			`informational purposes only in full knowledge that both the good guys`
			`(hackers) and the bad guys (corporate software cocaine whores) will`
			`read this, and make changes in their behavior as a consequence.`

			`COPYFREE 1996 TH3 WAR3Z 3L33T`
			`www.anus.com/etc/31337/`
			`[E0F]`