Network Security: Detailed info on Re: spambots and dictionary attacks

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Linux

[Top] [All Lists]

Re: spambots and dictionary attacks

from [Kurt Seifried] Network Security

[Permanent Link]

Subject:	Re: spambots and dictionary attacks
Date:	Wed, 22 Nov 2006 10:30:46 -0700

Greylisting is a two-edged sword, though, that may not only cause
noticable delays in mail delivery, but also legit mails to be rejected.

Only for the first email if the greylisting system has any sense (i.e. OpenBSD's spamd), plus most allow whitelisting.

Not to mention that it'll stop working as soon as it's being used widely
enough to make adjusting to it worthwhile to spammers.

Sure and then the hosts are behaving like real email servers which is vastly more expensive (computationally/etc.) than just blasting stuff out. If my OpenBSD spamd delays delivery for 4 hours that gives my other defenses 4 hours to react (i.e. for blacklists to be updated, whatever). We're never going to have 100% effective anti spam solutions, but that's no reason to give up. I'd rather get 2-3 spams a day than 1000.

Regards
Ansgar Wiechers

-Kurt

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
spambots and dictionary attacks, rowland onobrauche Re: spambots and dictionary attacks, Hans Wolters Re: spambots and dictionary attacks, Peter H. Lemieux Re: spambots and dictionary attacks, rowland onobrauche Re: spambots and dictionary attacks, Peter H. Lemieux Re: spambots and dictionary attacks, Greg Metcalfe Re: spambots and dictionary attacks, rowland onobrauche Re: spambots and dictionary attacks, Andres Figari RE: spambots and dictionary attacks, Steven Jones Re: spambots and dictionary attacks, Ansgar -59cobalt- Wiechers Re: spambots and dictionary attacks, Kurt Seifried <= Re: spambots and dictionary attacks, Devdas Bhagat Re: spambots and dictionary attacks, Ansgar -59cobalt- Wiechers Re: spambots and dictionary attacks, rowland onobrauche

Previous by Date:	Re: spambots and dictionary attacks, rowland onobrauche
Next by Date:	Re: spambots and dictionary attacks, Devdas Bhagat
Previous by Thread:	Re: spambots and dictionary attacks, Ansgar -59cobalt- Wiechers
Next by Thread:	Re: spambots and dictionary attacks, Devdas Bhagat
Indexes:	[Date] [Thread] [Top] [All Lists]