Wired mag article on spammers playing traceroute games with trojaned boxes
Suresh Ramasubramanian
suresh at outblaze.com
Thu Oct 9 16:29:35 UTC 2003
Vinny Abello writes on 10/9/2003 9:41 PM:
> They're using extremely low TTL's on most of their records. Typically 2
> minutes to accomplish this. The thing is I would imagine at least ONE of
> those NS servers cannot change within a 2 hour window whereas the others
They are using a whole lot of stuff that's basically dynamic DNS.
> low TTL on an NS record. If NeuLevel is any good they would likely have
> some sort of information to identify the owner of the domain, even if
They seem to have a spammer infestation though.
srs
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
More information about the NANOG
mailing list