Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Decrease in Threats?

from [Will Aoki] Network Security [Permanent Link]
Subject: Re: Decrease in Threats?
Date: Mon, 30 Jan 2006 12:03:00 -0700 
On Sun, Jan 29, 2006 at 12:15:13PM +1300, Bojan Zdrnja wrote:

Greylisting works OK at the moment as spammers have no need to go
around it. But, you can be sure that once greylisting reaches critical
level of deployment, spammers will go around it very easy (basically
they just have to modify their applications).


Indeed, I believe that some spammers, accidentally or deliberately, have
already done just that. Last summer, I saw pill-spammers sending
multiple messages from the same source, with the same envelope, and to
the same recipient over about a seven-minute period. This cut through my
greylisting quite effectively until I increased the greylist delay.

I haven't noticed any viruses yet that are effective at bypassing
greylisting - I've only seen a few make it as far as my antivirus in the
last few weeks. To get around greylisting, they'd need to dedicate space
to keeping track of what sender they used for each recipient.

If and when spammers and virus authors do start changing their methods,
I predict the use of greylisting to buy time for spam- & virus-traps to
feed a good old-fashioned blacklist.

-- 
William Aoki     KD7YAF    waoki@umnh.utah.edu    5-1924
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Decrease in Threats?, Kurt Seifried
Next by Date:  Re: wired traffic, fowl8510
Previous by Thread:  Re: Decrease in Threats?, Bojan Zdrnja
Next by Thread:  Re: Decrease in Threats?, Gene Rackow
Indexes:  [Date] [Thread] [Top] [All Lists]