nanog mailing list archives
Re: DDoS Question
From: Ken Simpson <ksimpson () mailchannels com>
Date: Thu, 27 Sep 2007 16:49:47 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
They randomize the name on the subject line. Is this any particular virus/malware/zombie signature and any suggestion on how to defend against it besides what I'm already doing (which is all of the obvious, rbls, spam appliances, hot cocoa, etc.)? This happened right around the time I started securing the name server infrastructure with BIND upgrades and recursor/authoritative NS splitting. :-)
RBLs are only effective against perhaps 50% of spam traffic, because so much of it comes from never-seen-before zombies. What appliances are you running? You might want to look at some kind of edge email traffic shaping layer. Regards, Ken - -- Ken Simpson CEO, MailChannels Fax: +1 604 677 6320 Web: http://mailchannels.com MailChannels - Reliable Email Delivery (tm) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG/EGb2YHPr/ypq5QRAuKNAKCYqf7uVoJmSAdKSSFH1NOTsLsZ6gCgk1Id 7+dI9UOemZtgqAI5pM+LwY4= =V0fG -----END PGP SIGNATURE-----
Current thread:
- DDoS Question Martin Hannigan (Sep 27)
- Re: DDoS Question Ken Simpson (Sep 27)
- Re: DDoS Question Roland Dobbins (Sep 27)
- Re: DDoS Question Tony Finch (Sep 28)
- Re: DDoS Question Ken Simpson (Sep 28)
- RE: DDoS Question Raymond L. Corbin (Sep 27)
- Re: DDoS Question Martin Hannigan (Sep 27)
- Re: DDoS Question Matthew Sullivan (Sep 29)
- Re: DDoS Question Sean Donelan (Sep 27)
- <Possible follow-ups>
- Re: DDoS Question Paul Ferguson (Sep 27)
- Re: DDoS Question Hex Star (Sep 27)
- Re: DDoS Question Paul Ferguson (Sep 27)
(Thread continues...)
- Re: DDoS Question Ken Simpson (Sep 27)