When Zombies Get Stealthy
from the ruh-roh dept
Rather than really deal with the issue of computers taken over by zombies/trojans, many ISPs have simply chosen to block port 25 for their customers, meaning that they can't use any kind of 3rd party mail server. One way around this has been to just use a VPN of some kind to encrypt the traffic, and then the ISP has no clue if the traffic going over the network is email or something entirely different. Of course, it's not all that hard to predict the obvious next step: zombie botnets get encrypted themselves in order to hide the malicious traffic from peeping ISP eyes. This could make it a lot more difficult to spot -- and probably leads to the next step as well: ISPs blocking off even more, such as any kind of VPN setup. Won't that be fun?Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Blocking port 25 doesn't stop use of third-party m
(and SMTP AUTH to authenticate themselves.
[ link to this | view in chronology ]
huh?
[ link to this | view in chronology ]
No Subject Given
I'm sure the VPN software and even the botnets could just as easily begin switching their connections over to non-standard ports anyways.
This cat and mouse game can keep going until there are no ports left open, save for maybe port 80...
[ link to this | view in chronology ]
You would think
[ link to this | view in chronology ]
Re: You would think
[ link to this | view in chronology ]
No Subject Given
To find the source you need to look at the headers (http://www.stopspam.org/email/headers.html) or use a service like www.spamcop.com and copy/paste it all into there.
If you complain to the proper ISP, that ISP gets tired of receiving complaints and should take action against their customer. One bot down, and therefore 10-100K email messages of spam are shot down.
Unless you want M$ to start charging for outgoing messages....
[ link to this | view in chronology ]