North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
DDoS Question
- From: Martin Hannigan
- Date: Thu Sep 27 19:44:33 2007
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=Gn+XygqQYz1kf//eJYAP/tyQ2trlA+hNOL5EEj69+1k=; b=N+7e3MGYOvc61XnwoxmUpLLTHoJw+9G8j6a9pllnJAVOTdbg9b8NAIcbl7vu7mw5eUkTg9IQklxJwYo6Zy+q8BsfQqmLXJrjXrTqfK9mM7FQWCivPQWTnMHHxKO1o1sTAlTVviHYNtb3Vb3bY7dFCkQZMYyUmxvwG/8Mb3rDBbM=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=CMocqSYn84U0pidkCjRHCaYE3e3E7QfQwRdYrsKEzVxomP3lt+MYK/a2ry6j0/Akb9F+qAD7cnSjl4m+qsOB7Vhkt2t0Tnv+qXYP1JX2ikOTW6Ody7S6nqfSLs4pEGQhZCb4jp2+64lk7BZSWwyNdQn96DUlQv+poLqkRO3FlsM=
Folks,
I'm receiving about 25K spams per minute with this subject:
Subject: "Looking for Sex Tonight? Curtis Blackman"
They randomize the name on the subject line. Is this any particular
virus/malware/zombie signature and any suggestion on how to defend
against it besides what I'm already doing (which is all of the
obvious, rbls, spam appliances, hot cocoa, etc.)?
This happened right around the time I started securing the name server
infrastructure with BIND upgrades and recursor/authoritative NS
splitting. :-)
Best,
Marty
|
