Re: Interesting new spam technique - getting a lot more popular.

["Christopher L. Morrow" <christopher.morrow () verizonbusiness com>]

On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:

> That was not my advice btw - just forwarding on what I saw.

oh,. apologies, i did cut the message down quite a bit :( I understood you
were quoting from the spamdiaries website, I apologize to the other
listeners (readers?) if it confused the issue.

> What you say does seem like a "must do" all right - but putting ARP
> filters in is actually a reasonable idea.

Atleast it'd trim down the 'problem' to the single customer subnet, I
assume that dedicated hosting folks don't just drop machines behind a
switch on one big flat subnet? That's probably a naive assumption though
:(  Perhaps this is clue #12 that that is a 'less than good' option? :)

> On 6/14/06, Christopher L. Morrow
> <christopher.morrow () verizonbusiness com> wrote:
> > On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:
> > > http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html
> > >
> > >     * Monitor your local network for interfaces transmitting ARP
> > > responses they shouldn't be.
> >
> > how about just mac security on switch ports? limit the number of mac's at
> > each port to 1 or some number 'valid' ?
>
>
> --
> Suresh Ramasubramanian (ops.lists () gmail com)