Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling]

From: James A. Thornton (jamest_at_u-238.infinite1der.org)
Date: 02/04/04

  • Next message: Bernie, CTA: "Re: [security] Re: Major hack attack on the U.S. Senate"
    Date: Tue, 3 Feb 2004 18:07:45 -0500 (EST)
    To: Gadi Evron <ge@linuxbox.org>
    
    

    On Tue, 3 Feb 2004, Gadi Evron wrote:

    > 3. I think we look at the whole problem in the wrong way, allow me to
    > elaborate:
    >
    > The AV industry is built on reaction rather than prevention. Adding
    > new signatures is still the #1 tool in the fight against malware.
    >
    > With spam and mass mailers clogging the tubes, causing us all to waste
    > money on bigger tubes, as well as our time dealing with the annoyance
    > (more money), shouldn't the problem be solved there (at the main tubes
    > themselves) rather than at the end user's desktop?
    >
    > If backbones filtered the top-10 current outbreaks, with non-intrusive
    > means such as for example running MD5 checksum checks against
    > attachments, or whatever other way - wouldn't it be better? True, it
    > may cause a cry of "the government spies on us, but with the current
    > economic troubles outbreaks cause, can we really use that excuse
    > anymore? Doesn't the police regulate speeding?

    Filtering at the backbone level is contraditory to 3.3, as the provider
    would have already sent the data out their Global ( or even National )
    Peer so they're already paying for the increased data on the pipes. Also,
    the feat of filtering every packet, MD5'ing it, and dropping it would be
    an engineering marvel. (De-capsulation and re-encapsulation alone would
    require vasts amounts of processing power for that much data. ) Not to
    mention the end user resubmitting his request once he realizes that the
    recipient never got the message the first time.

    >
    > If I were to take the conspiratorial side, perhaps backbones like it
    > when people pay for tubes they don't need, which are used to deliver
    > 90% junk.
    >
    > Nobody wants to deal with "you are reading my mail!" or with "sorry,
    > now people will pay for smaller tubes", perhaps even at the ISP level
    > - "why should I pay for more filtering when it isn't demanded of me?".
    >
    > They are right, it isn't currently demanded of them.
    >
    > I would like to refer you to SpamCop (when it comes to spam) or
    > MessageLabs (for malware), it works. But you need to pay to get (most
    > of) their services.
    >

    There ARE ISP/provider level AV/Filtering products out that alleviate most
    of the sources of unwanted incoming and outgoing mail traffic. Of course,
    purchasing and implementation is up to the provider...

    _____________________________________________________________________
    James A. Thornton UNIX System Administrator Atlanta, GA

    GnuPG fingerprint: 5A4E FF38 F255 78D2 EABC 63A5 6248 FBAB 293F EC0A


  • Next message: Bernie, CTA: "Re: [security] Re: Major hack attack on the U.S. Senate"

    Relevant Pages

    • Re: $10 inner tubes?
      ... Now that I got some Continental Schraeder tubes I'm spoiled, ... even I balk once the price goes over $5 for standard ... entry in the field/market, so as to subvert free market forces on pricing. ... and pay only for prescribed service and not others. ...
      (rec.bicycles.tech)
    • Re: $10 inner tubes?
      ... Now that I got some Continental Schraeder tubes I'm spoiled, ... even I balk once the price goes over $5 for standard ... entry in the field/market, so as to subvert free market forces on pricing. ... and pay only for prescribed service and not others. ...
      (rec.bicycles.tech)
    • Re: $10 inner tubes?
      ... $6 is certainly a fair price, considering what the shop pays ... Now that I got some Continental Schraeder tubes I'm spoiled, ... even I balk once the price goes over $5 for standard ... and pay only for prescribed service and not others. ...
      (rec.bicycles.tech)
    • Re: $10 inner tubes?
      ... $6 is certainly a fair price, considering what the shop pays ... Now that I got some Continental Schraeder tubes I'm spoiled, ... entry in the field/market, so as to subvert free market forces on pricing. ... and pay only for prescribed service and not others. ...
      (rec.bicycles.tech)
    • Re: $10 inner tubes?
      ... $6 is certainly a fair price, considering what the shop pays ... Now that I got some Continental Schraeder tubes I'm spoiled, ... entry in the field/market, so as to subvert free market forces on pricing. ... and pay only for prescribed service and not others. ...
      (rec.bicycles.tech)