| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: uberguidoz at gmail.com (GuidoZ) Subject: Spam sent via spambots? > > And further, does anyone have any idea how to pick apart how much of > > that is simply relaying type activity vs.dedicated spam-bot activity? > > Does it matter? Personally, I think it matters quite a bit. If the current laws are ever enforced, it could shape the way spammers operate. Instead of facing the concequences of your actions, you take over a few machines and get away with it. Or once caught, you play dumb... even though you knew all along what the systems were being used for. As I'm sure you're aware, groups of zombie machines are used for a handful of different things. Everything from DDoS attacks to the topic at hand. These groups are frequently "rented out" to do the dirty work. It's become so much of a problem that the media is picking up on it. It's been reported in the news and various forums several times. A few sample articles: (Google for more) - http://go.microsoft.com/fwlink/?LinkId=35825 - http://www.shortnews.com/shownews.cfm?id=40747 - http://newpaper.asia1.com.sg/top/story/0,4136,67698,00.html Point being - knowing how much spam is bot-nets and how much is "legit" (as in the sender is aware they are sending it) would be good information to know. It may help enforcement of current laws or shape new ones. Having a grasp on, or some understanding of, the problem is the first step to solving it, don't you agree? Obviously laws and enforcement isn't the only means. It's obviously not done much to help so far; plus you have the added problems of who enforces what laws where. Check http://www.spamlaws.com/ for more info on your local area (worldwide). (P.S. Removed your email address from the "Reply All" as requested Nick. Hopefully this will serve as a reminder to others that you prefer not to receive duplicates.) -- Peace. ~G On Sun, 31 Oct 2004 18:22:36 -0600 (CST), J.A. Terranson <measl@....org> wrote: > > On Mon, 1 Nov 2004, Nick FitzGerald wrote: > > > In another thread Hugo van der Kooij wrote: > > > > > Securing every machine on the internet would be a good start. 95% of all > > > spam messages I have seen lately gets send from DSL or Cable IP addresses. > > > These are machine which run spamware without the user knowing (s)he is > > > sending out spam by the buckets untill their ISP shuts them down. > > > > Really? > > > > 95%? > > > > Does anyone have sound statistics on how much spam comes from DSL/Cable > > IP-space? > > We see at minimum, several thousand a day, and while I can't give you a > statistic, I can state with great confidence that the vast majority, > likely a lot higher than 95%, comes from zombied machines, almost all on > DSL/Cable space. > > > And further, does anyone have any idea how to pick apart how much of > > that is simply relaying type activity vs.dedicated spam-bot activity? > > Does it matter? > > -- > Yours, > > J.A. Terranson > sysadmin@....org > 0xBD4A95BF > > "An ill wind is stalking > while evil stars whir > and all the gold apples > go bad to the core" > > S. Plath, Temper of Time > > _______________________________________________ > > > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists