[67607] in North American Network Operators' Group
Re: Anti-spam System Idea
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sat Feb 14 05:51:00 2004
To: Tim Thorpe <tim@cleanyourdirt.com>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Sat, 14 Feb 2004 00:30:30 PST."
<20040214082505.MGXC28907.imta02a2.registeredsite.com@narzyws>
From: Valdis.Kletnieks@vt.edu
Date: Sat, 14 Feb 2004 05:50:10 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-1812411582P
Content-Type: text/plain; charset=us-ascii
On Sat, 14 Feb 2004 00:30:30 PST, Tim Thorpe <tim@cleanyourdirt.com> said:
> my idea;
> a DC network that actively scans for active relays and tests them, it
> compiles a list on a daily basis of compromised IP addresses (or even
How many IP addresses are there, and what percent of them are on DHCP,
and will you be able to do a scan in under a week, by which time the info will
be very stale indeed. (Hint - how long does the ISC 'Internet Domain Survey'
take to run?)
Also, read where it got the ORBS project.
I'll overlook the fact that in general, you don't know what port the spammer
backdoor malware is listening on, so you'll have to scan multiple ports. Not
going to make you very popular.
Other than that, go for it. :)
--==_Exmh_-1812411582P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFALf1icC3lWbTT17ARAmKwAJ0RyksxCUNiwnuO0ota2oMlO/2IaQCgvArT
QpZxWB5aBVTAgPTk7AHanIw=
=uXV6
-----END PGP SIGNATURE-----
--==_Exmh_-1812411582P--
