nanog mailing list archives

Re: more news from Google

From: Steven Bellovin <smb () cs columbia edu>
Date: Wed, 13 Jan 2010 17:31:46 -0500


On Jan 13, 2010, at 5:26 PM, msheldon () cox net wrote:

From a single detection of one hostile email you can often expand the picture to many mail recipients.  A little open 
source research identifies the common community the recipients belong to.  It's pretty straight forward.


The magic phrase is "traffic analysis" -- look at the accounts of known targets of interest, and see the usernames, IP 
addresses, etc., of their correspondents.  Recurse as needed.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

Current thread:

Re: more news from Google, (continued)
- - - Re: more news from Google Dave Israel (Jan 13)
  - Re: more news from Google Valdis . Kletnieks (Jan 13)
    - Re: more news from Google Joel Jaeggli (Jan 13)
  - Re: more news from Google Leo Bicknell (Jan 13)
    - RE: more news from Google Nathan Eisenberg (Jan 13)
  - Re: more news from Google Fred Baker (Jan 15)
    - Re: more news from Google Randy Bush (Jan 15)
    - Re: more news from Google Adam Fields (Jan 15)
- RE: more news from Google Stefan Fouant (Jan 13)
- Re: more news from Google msheldon (Jan 13)
  - Re: more news from Google Steven Bellovin (Jan 13)
    - Re: more news from Google Joe Greco (Jan 13)
    - Re: more news from Google Gadi Evron (Jan 15)