lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <200305131003.15820.jstewart@lurhq.com>
From: jstewart at lurhq.com (Joe Stewart)
Subject: About spamb strange characters

On Tuesday 13 May 2003 09:20 am, Eric LeBlanc wrote:

> Each time, I receive 2 spam in 10 seconds (sometime 3 spam).  If I check
> the header, it's ALWAY from 2 different hosts.  For example, one from usa
> and chinese...
>
> Now, my question: they use a relay-bot spams ? (think DDoS with zombies
> (trojans), but for spammers..)

That's exactly what they are doing. I wrote a paper on one of the methods they
use, which is proxy servers installed by the Sobig.a virus (which is still in
active circulation). See: http://www.lurhq.com/sobig.html

-Joe

-- 
Joe Stewart, GCIH 
Senior Intrusion Analyst
LURHQ Corporation
http://www.lurhq.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ