Increase in traffic to/from DSL subs since August?
Suresh Ramasubramanian
suresh at outblaze.com
Fri Nov 21 02:27:13 UTC 2003
Steven M. Bellovin writes on 11/20/2003 4:28 PM:
> At the IETF Plenary, Bernard Aboba showed a graph of spam, with a
> marked uptick since SoBig.F in August. My guess is worm-deposited spam
> relays, though Joel's guess of Nachi or Welchia can't be ruled out,
> either, without flow data.
A ballpark estimate from a couple of friends who run small cable ISPs in
India, and from a look at our mailserver log stats, says that yes, this
is mostly because of open proxies and trojans infecting unpatched
windows machines on broadband. Swen, MiMail and Jeem.mail.pv seem to be
the worst offenders wrt spamming trojans, right now.
Nachi and Welchia are almost as bad. I'd say blame can be split equally
between the two.
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
More information about the NANOG
mailing list