[gnso-ff-pdp-may08] Major Source of Internet Spam Yanked Offline
- To: "Fast Flux Workgroup" <gnso-ff-pdp-May08@xxxxxxxxx>
- Subject: [gnso-ff-pdp-may08] Major Source of Internet Spam Yanked Offline
- From: "George Kirikos" <fastflux@xxxxxxxx>
- Date: Wed, 12 Nov 2008 11:25:19 -0500
Apparently 75% of worldwide spam has been shut down:
http://voices.washingtonpost.com/securityfix/2008/11/major_source_of_online_scams_a.html
http://www.washingtonpost.com/wp-dyn/content/article/2008/11/12/AR2008111200658.html?sid=ST2008111200662&s_pos=
Note they did it without any policy recommendations in regards to Fast
Flux, etc., by taking out one of the choke points, namely the hosting
for the mother ship of the botnets.
It might be useful to get some input from those researchers or the
ISPs, i.e. what data would have made their jobs easier to have
detected the mother ship more quickly. Since most ISPs will be hosts
of domains, I'd be curious whether verified WHOIS would have helped
them (e.g. if the verified WHOIS showed an address in China, but the
client was paying with American credit cards, that might have been a
red flag to warrant closer scrutiny).
Sincerely,
George Kirikos
http://www.LEAP.com