nanog mailing list archives
Re: Wired mag article on spammers playing traceroute games with trojaned boxes
From: jlewis () lewis org
Date: Thu, 9 Oct 2003 12:55:36 -0400 (EDT)
On Thu, 9 Oct 2003, Joe Boyce wrote:
VA> Personally, I think preventing residential broadband customers from hosting VA> servers would limit a lot of that. I'm not saying that IS the solution. It's not like those customers are aware they are hosting servers, they most likely were exploited and are now unaware they are hosting websites.
That's obviously the case. No spammer has "thousands" of legitimately purchased DSL/Cable connections. The article pretty clearly says they're exploiting insecure windows (isn't that redundant?) boxes. Trouble is, how do you stop this? Just blocking common ports like 80 by default (unless the customer plans to actually run a web server and asks for the filter to be removed) won't work. The spammers can just as easily spam with urls containing ports (http://blah.biz:8290/) if they find 80 is filtered or find that filtering has become common. So other than waiting some infinitely long time for a secure out of the box version of windows (and for everyone to upgrade), how do you stop this? Widespread deployment of reflexive access lists? Force all broadband customers to use NAT and let them forward ports or entire IPs to their private IP servers if they have any? Wait for the legal system to catch and prosecute a few people who do this and deter others from trying it? Convince registrars to kill domains that are clearly being used by thieves? ---------------------------------------------------------------------- Jon Lewis *jlewis () lewis org*| I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes, (continued)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Niels Bakker (Oct 10)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Andy Ellifson (Oct 09)
- RE: Wired mag article on spammers playing traceroute games with trojaned boxes Geo. (Oct 09)
- RE: Wired mag article on spammers playing traceroute games with trojaned boxes David Keith (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Kee Hinckley (Oct 09)
- RE: Wired mag article on spammers playing traceroute games with trojaned boxes McBurnett, Jim (Oct 09)
- RE: Wired mag article on spammers playing traceroute games with trojaned boxes Vinny Abello (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Joe Boyce (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Vinny Abello (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes jlewis (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes John Capo (Oct 09)
- RE: Wired mag article on spammers playing traceroute games with trojaned boxes Vinny Abello (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Jeremy T. Bouse (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Jack Bates (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Joe Abley (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Vinny Abello (Oct 09)
- Re: Wired mag article on spammers playing traceroute games with trojaned boxes Mike Tancsa (Oct 09)