[63689] in North American Network Operators' Group
Re: Wired mag article on spammers playing traceroute games with
daemon@ATHENA.MIT.EDU (Kee Hinckley)
Thu Oct 9 13:15:10 2003
In-Reply-To: <66328A32-FA70-11D7-8A15-00039375B178@gizmopartners.com>
Date: Thu, 9 Oct 2003 12:53:28 -0400
To: Chris Boyd <cboyd@gizmopartners.com>
From: Kee Hinckley <nazgul@somewhere.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
At 10:51 AM -0500 10/9/03, Chris Boyd wrote:
>A few minutes later, or from a different nameserver, I get
>
>Name: vano-soft.biz
>Addresses: 131.220.108.232, 165.166.182.168, 193.165.6.97, 12.229.122.9
> 12.252.185.129
>
>This is a real Hydra. If everyone on the list looked up
>vano-soft.biz and removed the trojaned boxes, would we be able to
>kill it?
I think in this instance your best approach may be to go after the
name servers. Anything else is going to be a game of whack-a-mole.
Our spam filtering software actually uses the address of a domain's
name server in it's scoring system. Sometime's that's the only way
we've been able to reliably detect a spammer.
--
Kee Hinckley
http://www.messagefire.com/ Next Generation Spam Defense
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
