Wired mag article on spammers playing traceroute games with trojaned boxes

Suresh Ramasubramanian suresh at outblaze.com
Thu Oct 9 16:29:35 UTC 2003


Vinny Abello writes on 10/9/2003 9:41 PM:

> They're using extremely low TTL's on most of their records. Typically 2 
> minutes to accomplish this. The thing is I would imagine at least ONE of 
> those NS servers cannot change within a 2 hour window whereas the others 

They are using a whole lot of stuff that's basically dynamic DNS.

> low TTL on an NS record. If NeuLevel is any good they would likely have 
> some sort of information to identify the owner of the domain, even if 

They seem to have a spammer infestation though.

	srs

-- 
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations




More information about the NANOG mailing list