Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: short Botnet list and Cashing in on DoS

  • From: Gadi Evron
  • Date: Sat Oct 09 15:00:19 2004


Next you'll block SIP if we start getting "spam calls"? Or any other application that pops up and is used by the same people sending spam today?
There is the issue of usability. Why does a Cable user on a dynamic range need SMTP open?

You're fixing the symptom, not curing the cause. The immediate root cause is a compromised PC which among other things does send mail across port 25. Itīll also send mail using x-y-z webmail or misconfigured forms, etc.
Webmail, etc. could and would be used, but instead of millions of messages sent openly from each drones - there would be hundreds, maybe thousands.

It would be much more beneficial to deny all packets from AS's which don't have abuse in control.
That's not going to happen any time soon, and if only one ISP does it.. imagine the tech support screams? I'd rather treat the symptoms.

After all, the symptom of high-temperature is not the illness itself, but it could kill.

Gadi.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.