|
North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: short Botnet list and Cashing in on DoS
- From: Gadi Evron
- Date: Sat Oct 09 15:00:19 2004
Next you'll block SIP if we start getting "spam calls"? Or any other
application that pops up and is used by the same people sending spam today?
There is the issue of usability. Why does a Cable user on a dynamic
range need SMTP open?
You're fixing the symptom, not curing the cause. The immediate root
cause is a compromised PC which among other things does send mail across
port 25. Itīll also send mail using x-y-z webmail or misconfigured
forms, etc.
Webmail, etc. could and would be used, but instead of millions of
messages sent openly from each drones - there would be hundreds, maybe
thousands.
It would be much more beneficial to deny all packets from AS's which
don't have abuse in control.
That's not going to happen any time soon, and if only one ISP does it..
imagine the tech support screams? I'd rather treat the symptoms.
After all, the symptom of high-temperature is not the illness itself,
but it could kill.
Gadi.
|
|
|
