short Botnet list and Cashing in on DoS

Gadi Evron ge at
Sat Oct 9 18:53:22 UTC 2004

> Next you'll block SIP if we start getting "spam calls"? Or any other 
> application that pops up and is used by the same people sending spam today?

There is the issue of usability. Why does a Cable user on a dynamic 
range need SMTP open?

> You're fixing the symptom, not curing the cause. The immediate root 
> cause is a compromised PC which among other things does send mail across 
> port 25. It´ll also send mail using x-y-z webmail or misconfigured 
> forms, etc.

Webmail, etc. could and would be used, but instead of millions of 
messages sent openly from each drones - there would be hundreds, maybe 

> It would be much more beneficial to deny all packets from AS's which 
> don't have abuse in control.

That's not going to happen any time soon, and if only one ISP does it.. 
imagine the tech support screams? I'd rather treat the symptoms.

After all, the symptom of high-temperature is not the illness itself, 
but it could kill.


More information about the NANOG mailing list