Wired mag article on spammers playing traceroute games with trojaned boxes
Kee Hinckley
nazgul at somewhere.com
Thu Oct 9 16:53:28 UTC 2003
At 10:51 AM -0500 10/9/03, Chris Boyd wrote:
>A few minutes later, or from a different nameserver, I get
>
>Name: vano-soft.biz
>Addresses: 131.220.108.232, 165.166.182.168, 193.165.6.97, 12.229.122.9
> 12.252.185.129
>
>This is a real Hydra. If everyone on the list looked up
>vano-soft.biz and removed the trojaned boxes, would we be able to
>kill it?
I think in this instance your best approach may be to go after the
name servers. Anything else is going to be a game of whack-a-mole.
Our spam filtering software actually uses the address of a domain's
name server in it's scoring system. Sometime's that's the only way
we've been able to reliably detect a spammer.
--
Kee Hinckley
http://www.messagefire.com/ Next Generation Spam Defense
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
More information about the NANOG
mailing list