Wired mag article on spammers playing traceroute games with trojaned boxes

Kee Hinckley nazgul at somewhere.com
Thu Oct 9 16:53:28 UTC 2003


At 10:51 AM -0500 10/9/03, Chris Boyd wrote:
>A few minutes later, or from a different nameserver, I get
>
>Name:    vano-soft.biz
>Addresses:  131.220.108.232, 165.166.182.168, 193.165.6.97, 12.229.122.9
>           12.252.185.129
>
>This is a real Hydra.  If everyone on the list looked up 
>vano-soft.biz and removed the trojaned boxes, would we be able to 
>kill it?

I think in this instance your best approach may be to go after the 
name servers.  Anything else is going to be a game of whack-a-mole. 
Our spam filtering software actually uses the address of a domain's 
name server in it's scoring system.  Sometime's that's the only way 
we've been able to reliably detect a spammer.
-- 
Kee Hinckley
http://www.messagefire.com/         Next Generation Spam Defense
http://commons.somewhere.com/buzz/  Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.



More information about the NANOG mailing list