[Ilugc] [NEWS]Spammers suffer conviction
- From: linux@xxxxxxxxxxxxxxxx (Suresh Ramasubramanian)
- Date: Fri Nov 5 22:31:08 2004
On Fri, Nov 05, 2004 at 09:07:31PM +0530, Ramanraj K wrote:
Looks like a case of having shot one's bolt. Is the Internet & WWW still
largely beta? If "security" of machines depends on short strings that
1. Trojaned windows machines
2. Mailservers with smtp auth enabled, and default passwords like demo/demo,
guest/guest, admin/admin, etc (you'll be surprised how many there are)
3. Open proxies (proxy servers that can use http/connect, ftp put, socks etc
to proxy smtp requests, and so anonymously proxy spam)
4. Hijacked ARIN / APNIC etc netblocks (like a company has a large IP block
assigned to it, goes out of business but does not return the IPs to ARIN,
APNIC or other RIR... so the spammer simply creates a fake letterhead in the
name of that company, registers the company's domain which has expired, and
thus gains control of that IP space). -- see
http://www.completewhois.com
[etc etc etc]
guessing passwords. Imagine bank managers claiming: "Our bank walls and
safe vaults are made of straw! By law, it is an offence to touch the
straw! Our bank is highly secure". If infallible security is not yet
Bah. So if you accidentally leave your keys in your car, and somebody drives
off with the car, you wont be able to complain to the police and get the car
thief punished? Or if your house door is unlocked, I can just walk in, help
myself to beer from your fridge, and then walk out with your TV and stereo
deck?
suresh
Other related posts:
