Re: Domain HiJacking by SPAMMERS

From: Ed Weinberg (nylug_at_q5comm.com)
Date: 01/31/04 

Date: Fri, 30 Jan 2004 18:51:23 -0500
To: Jude Naidoo <jude007@jnaidoo.fsnet.co.uk>

On Fri, 2004-01-30 at 13:35, Jude Naidoo wrote:
> The only thing you can do is , as Bryan mentioned, find out via whois what
> the originating IP is and contact their ISP. Then stay on the ISP's case
> until you get some sort of details on the user, if they will let you have
> it. If you do get an email address for the spammer, send them some hate-mail
> threatening legal action.
> ----------------------------------------------------------------------------
Unfortunately from what I have seen lately, most spam comes from either
China, hijacked desktops, or mis-configured proxies.

You can't get a response from China (accounts there are under
$3US/month), and ISP's will not sniff the hijacked desktops to see who
is actually sending the spam.

I already have all IP addresses from China in my server's blacklist. 

-- 
Ed Weinberg <nylug@q5comm.com>
---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------

Relevant Pages

  • Re: There needs to be an international policy
    ... Here is a traceroute to one of those Chinese spam sites: ... > Global to take China out of their BGP routers. ... > place of China if you decide to firewall China off of the Internet, ... or, at the least, nationalize the U.S. components of the ...
    (microsoft.public.security)
  • Re: There needs to be an international policy
    ... Here is a traceroute to one of those Chinese spam sites: ... Global to take China out of their BGP routers. ... place of China if you decide to firewall China off of the Internet, ... or, at the least, nationalize the U.S. components of the ...
    (microsoft.public.security)
  • Re: China Travel Discussion List
    ... and that actually are spam. ... Oriental-List carries no advertising whatsoever, and commercial postings ... Some small latitude is given to the authors of books on China to say ...
    (rec.travel.asia)
  • Re: There needs to be an international policy
    ... Here is a traceroute to one of those Chinese spam sites: ... >> Global to take China out of their BGP routers. ... >> place of China if you decide to firewall China off of the Internet, ... or, at the least, nationalize the U.S. components of the ...
    (microsoft.public.security)
  • Domain HiJacking by SPAMMERS
    ... The most serious problem is that the subject of the SPAM could cause a major public relations problem for the company, since it is mostly online-drug sales and private enhancements being marketed. ... A thorough check of the mail system and tracing of the original spam messages confirm that the company's systems are not being used as relays. ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, ...
    (Security-Basics)