From: Simple Nomad (thegnome[at]nmrc.org)
To: Annie Simanski (anniesimanski@peakdirectory.com)
Date: Tue, 07 Jul 2009 10:37:36 -0500
Subject: Re: Link exchange with nmrc.org


On Mon, 2009-07-06 at 19:42 -0500, Annie Simanski wrote:
: Hello,
:
: I just wanted to make sure you got my last e-mail about the link
: exchange between my site and yours.  Exchanging quality links is
: undeniably the easiest way to improve your website link popularity,
: to achieve better search engine positioning and increase your website
: traffic.

I deleted your last email. I assumed it was spam.

: Let's help each other out and gain popularity and prosperity on the
: web!!

What is in this for us? Do you assume that just because we have a web
site we want to be popular? And prosperous? Did you even look at the
site? Does it look like we are trying to prosper?

: I have faith that you and I will benefit immensely from this proposed
: link exchange.

And what pray tell is the religion that gives you such faith? I
seriously doubt there is anything you have that will benefit us.

: I look forward to your positive reply.

You are looking in the wrong place, lady.

: All the best,

Seriously?

Ok, listen. You have sent the "link exchange" request to a hacker site.
This is a hobby site, and since during the dot com boom we all managed
to get high paying jobs we don't update the website very often. Now you
had no idea of this, but seriously you considered a link exchange with a
hacker site?

First off, let's discuss www.peakdirectory.com. What the fuck is with
all the open ports?

# nmap -O -sV -sS www.peakdirectory.com

PORT     STATE    SERVICE     VERSION
1/tcp    open     tcpwrapped
21/tcp   open     ftp         PureFTPd
22/tcp   open     ssh         OpenSSH 5.1p1 (protocol 2.0)
25/tcp   open     smtp        Exim smtpd 4.69
26/tcp   open     smtp        Exim smtpd 4.69
80/tcp   open     http        Apache httpd 2.2.11
110/tcp  open     pop3        Courier pop3d
111/tcp  open     tcpwrapped
143/tcp  open     imap        Courier Imapd (released 2008)
443/tcp  open     http        Apache httpd 2.2.11
465/tcp  open     ssl/smtp    Exim smtpd 4.69
993/tcp  open     ssl/imap    Courier Imapd (released 2008)
995/tcp  open     ssl/pop3    Courier pop3d
1720/tcp filtered H.323/Q.931
3306/tcp open     mysql       MySQL 5.0.81-community
8009/tcp open     ajp13?
8080/tcp open     http        Apache Tomcat/Coyote JSP engine 1.1
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.5 - 2.6.11
Uptime 27.196 days (since Wed Jun 10 05:30:24 2009)

Patch this shit up immediately. Some of those services really need
updating, and some have no business being exposed to the entire planet.

: Annie Simanski
: Link Manager of Peak Directory
: anniesimanski@peakdirectory.com

Annie (or the guy going by "Annie" since a chick name sounds more
inviting and less threatening, yes we practically invented social
engineering you bastards), I know that as Spammaster Deluxe, err sorry
Link Manager of Peak Directory you are probably not responsible for
patching the website. But if you are going to be sending out spam to
strangers, and this IS what your messages are, then expect some
pushback.

We didn't even look at your various webforms for SQL injection, XSS,
etc. We assumed that with this underlying mess of a website the web app
situation to be a minefield. Payment for your free security assessment
(our rating of your website is Fairly Fucked) is the removal of all
nmrc.org email addresses from your spammer database/mailing lists.

BTW we will not help you patch or fix your website, nor will we
recommend anyone, lest we be accused of some weird blackmail or
something. Consider this a gift -- fix your shit. Or delete the entire
website and go into something less degrading for income. We recommend
the online porn industry -- but remember, they take web security a bit
more seriously, ok?

Never email us again under any circumstances. Ever.