lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <2D5914BDC6D4D411998200008368A2C8040F2134@hew01exhn1.corp.hansenet.com>
From: vogt at hansenet.com (vogt@...senet.com)
Subject: AW: AW: Windows Messenger Popup Spam on UDP Por
	t 10 26

> >This isn't about you. The ISP also has a responsibility to protect
> >the internet at large. If millions of spam are sent each day because
> >the average user is too stupid to close off his proxy, then the
> >ISP can either shut him down, or block the proxy port. Obviously,
> >shutting down isn't an option for business reasons.
> 
> In this case I would request all ISPs to block port 25. 
> Millions of spams 
> are sent via this port each day.

True, but incomplete. I work for an ISP, but my data is only true for
us, so as usual, YMMV.
Most spam is NOT sent out via port 25. It arrives via port 25, but it
almost always relayed inbetween. Some years back, open relays were the
main problem. However, we've dug into things a bit and found to our
surprise that not only are they not the main problem anymore, but in
fact a tiny minority. The main problem is open socks proxies (port 1080).

Ironically, the proposal that everyone should use a firewall makes the
problem worse, not better - we believe one or more personal firewalls
shipping with a bad default config are the culprits.

So what's an ISP to do? We all know nobody wants spam (even the spammers
don't want to RECEIVE spam, only to send it). We also know that 90% of
the current Internet population doesn't know the difference between an 
open proxy and a cup holder.


best regards / mit freundlichen Gruessen,

Tom Vogt
Hansenet Webfarm Security 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ