Quarantining infected hosts (Was: FBI tells the public to call their ISP for help)

• Previous message (by thread): Quarantining infected hosts (Was: FBI tells the public to call their ISP for help)
• Next message (by thread): Quarantining infected hosts (Was: FBI tells the public to call their ISP for help)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 18 Jun 2007, Suresh Ramasubramanian wrote:
> On 6/18/07, Jeroen Massar <jeroen at unfix.org> wrote:
>> Of course, though 25 is (afaik ;) the most abused one that will annoy a
>> lot of other folks with spam, phishings and virus distribution, though
>> the latter seems to have come to a near halt from what I see.
>
> Read these and weep, then -
> http://darkwing.uoregon.edu/~joe/port25.pdf
> http://darkwing.uoregon.edu/~joe/zombies.pdf
>
> As Joe says (and I agree), trying to fix infected hosts on your
> network by blocking port 25 is like treating lung cancer with cough
> syrup.

The great thing about opinions is everyone has one.

See also

http://www.maawg.org/port25

Or how about

http://www.securitymanagement.com/library/Sans_Ulrich1203.pdf
http://www.networkworld.com/edge/news/2003/0908studyisps.html


The best answer is probably paying for a strong ISP abuse team.  But for 
whatever reasons, some ISPs prefer to invest in other areas.

• Previous message (by thread): Quarantining infected hosts (Was: FBI tells the public to call their ISP for help)
• Next message (by thread): Quarantining infected hosts (Was: FBI tells the public to call their ISP for help)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]