Full Disclosure mailing list archives
Re: Spam sent via spambots?
From: GuidoZ <uberguidoz () gmail com>
Date: Sun, 31 Oct 2004 20:30:06 -0500
And further, does anyone have any idea how to pick apart how much of that is simply relaying type activity vs.dedicated spam-bot activity?Does it matter?
Personally, I think it matters quite a bit. If the current laws are ever enforced, it could shape the way spammers operate. Instead of facing the concequences of your actions, you take over a few machines and get away with it. Or once caught, you play dumb... even though you knew all along what the systems were being used for. As I'm sure you're aware, groups of zombie machines are used for a handful of different things. Everything from DDoS attacks to the topic at hand. These groups are frequently "rented out" to do the dirty work. It's become so much of a problem that the media is picking up on it. It's been reported in the news and various forums several times. A few sample articles: (Google for more) - http://go.microsoft.com/fwlink/?LinkId=35825 - http://www.shortnews.com/shownews.cfm?id=40747 - http://newpaper.asia1.com.sg/top/story/0,4136,67698,00.html Point being - knowing how much spam is bot-nets and how much is "legit" (as in the sender is aware they are sending it) would be good information to know. It may help enforcement of current laws or shape new ones. Having a grasp on, or some understanding of, the problem is the first step to solving it, don't you agree? Obviously laws and enforcement isn't the only means. It's obviously not done much to help so far; plus you have the added problems of who enforces what laws where. Check http://www.spamlaws.com/ for more info on your local area (worldwide). (P.S. Removed your email address from the "Reply All" as requested Nick. Hopefully this will serve as a reminder to others that you prefer not to receive duplicates.) -- Peace. ~G On Sun, 31 Oct 2004 18:22:36 -0600 (CST), J.A. Terranson <measl () mfn org> wrote:
On Mon, 1 Nov 2004, Nick FitzGerald wrote:In another thread Hugo van der Kooij wrote:Securing every machine on the internet would be a good start. 95% of all spam messages I have seen lately gets send from DSL or Cable IP addresses. These are machine which run spamware without the user knowing (s)he is sending out spam by the buckets untill their ISP shuts them down.Really? 95%? Does anyone have sound statistics on how much spam comes from DSL/Cable IP-space?We see at minimum, several thousand a day, and while I can't give you a statistic, I can state with great confidence that the vast majority, likely a lot higher than 95%, comes from zombied machines, almost all on DSL/Cable space.And further, does anyone have any idea how to pick apart how much of that is simply relaying type activity vs.dedicated spam-bot activity?Does it matter? -- Yours, J.A. Terranson sysadmin () mfn org 0xBD4A95BF "An ill wind is stalking while evil stars whir and all the gold apples go bad to the core" S. Plath, Temper of Time _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Spam sent via spambots? J.A. Terranson (Oct 31)
- Re: Spam sent via spambots? Nick FitzGerald (Oct 31)
- Re: Spam sent via spambots? James Riden (Oct 31)
- Re: Spam sent via spambots? GuidoZ (Oct 31)
- <Possible follow-ups>
- Re: Spam sent via spambots? Nick FitzGerald (Oct 31)
- Re: Spam sent via spambots? GuidoZ (Oct 31)
- Re: Spam sent via spambots? n3td3v (Oct 31)
- Re: Spam sent via spambots? Nick FitzGerald (Oct 31)