Interesting People mailing list archives
more on INTERNET ATTACKS JUMP SIGNIFICANTLY THIS YEAR
From: Dave Farber <dave () farber net>
Date: Wed, 22 Sep 2004 09:26 -0400
___ Dave Farber +1 412 726 9889 ...... Forwarded Message ....... From: Rich Kulawiec <rsk () gsp org> To: David Farber <dave () farber net> Cc: Tom Goltz <tgoltz () QuietSoftware com> Date: Wed, 22 Sep 2004 00:07:37 -0400 Subj: Re: [IP] more on INTERNET ATTACKS JUMP SIGNIFICANTLY THIS YEAR On Tue, Sep 21, 2004 at 01:53:00PM -0400, David Farber wrote:
If this trend continues, it's going to move from being a nuisance to a major problem very, very quickly.
It already *is* a major problem: most spam (about 80%, if I average the last several estimates I've seen) is coming from zombies. Given that we're now rejecting 97-98% of all incoming SMTP traffic, that's pretty bad. But that's hardly the end of it: those zombies are being used to conduct all kinds of security probes/attacks (as you observed) and to launch DDoS attacks (sometimes against security/anti-abuse resources). Don't expect it to get any better soon. Nobody who's in a position to fix it is doing anything about it: - the users (the former owners of the zombies) either don't know, don't care, lack the expertise, lack the tools, practice such poor computing that they'll just be re-zombied (e.g. they use IE or Outlook), and so on. - the consumer broadband ISPs have steadfastly refused to admit that there's a problem. Of course: if they admitted it, they might have to cut into their enormous profits by spending some money to fix it. - Microsoft continues to prattle about their "emphasis on security", but they haven't done squat. Heck, they haven't even managed to release a mail client (a *mail client*, for crying out loud) that's safe to use. It's pretty clear that it's time to start treating any machine whose IP stack indicates it's running Windows as suspect. This has already been used for spam control, as in the very clever: Journal of merlyn (47) http://use.perl.org/~merlyn/journal/17094 and now it's time to start extending that. ---Rsk ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on INTERNET ATTACKS JUMP SIGNIFICANTLY THIS YEAR Dave Farber (Sep 22)