ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Asrg] 2.a Spam Measurements: data available on Directory Harvesting Attacks (DHAs)

2003-08-07 09:19:34
from [Peter Kay] [Permanent Link] 
I'll step up to the plate w/ 2 volunteer efforts:

1. whatever we can gather from our servers getting hit. We log each
session to a database so we can get pretty good stuff out of that.  I
have not done any heavy db analysis to see if we've gotten whacked w/ a
DHA but my hunch says no. perhaps some spammers watching this list can
change that. 

2. lead the effort. And by "lead" I mean, "a team of more than just me".


I think DHA's are a big deal, and so far my Googling hasn't brought up
too much published info. Any info this league of extraordinary
technicals can dig up would be extremely helpful to all.

Maybe we can start by asking those that have been a (known) victim of a
DHA can step fwd as they might have an interest in making that problem
go away.

Peter


-----Original Message-----
From: Paul Judge [mailto:paul(_dot_)judge(_at_)ciphertrust(_dot_)com] 
Sent: Thursday, August 07, 2003 4:53 AM
To: 'Yakov Shafranovich'; Peter Kay; 'asrg(_at_)ietf(_dot_)org'; Paul Judge
Subject: RE: [Asrg] 2.a Spam Measurements: data available on 
Directory Harvesting Attacks (DHAs)





Someone mentioned this before, do a search on gmane.org on the list
archive. Also, I believe that Brightmail, Postini, 
SpamArchive and others 
offered data if needed on spam, and we should ask them. Do we 
have a liason 
relationship setup with those entities?



The thing to understand here is that there are different types of
measurements that can be done. Some focus on characterizing 
the current
problem; others focus on evaluating certain solutions. 

In spam characterization, there are four categories: 1) 
sending, 2) source,
3) message, and 4) spam attack characteristics. The above 
thread about DHAs
is part of spam attack characteristics. This category 
requires more protocol
level data therefore requires  spamtrap data while the rest of the
categories can be explored with data from spam messages. SpamArchive
provides spam messages and that data is readily available for 
download. The
need now is for persons with spamtraps that are willing to 
collect certain
data and/or run certain tools to analyze data. Also, a 
volunteer is needed
to lead this effort and create the tools and coordinate the 
volunteers.







_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Asrg] 2.a Spam Measurements: data available on Directory Ha rvesting Attacks (DHAs), Paul Judge
Next by Date:  [Asrg] SMTP level unsubscribe, Scott Nelson
Previous by Thread:  Re: [Asrg] 2.a Spam Measurements: data available on Directory Harvesting Attacks (DHAs), Yakov Shafranovich
Next by Thread:  RE: [Asrg] 2.a Spam Measurements: data available on Directory Harvesting Attacks (DHAs), Yakov Shafranovich
Indexes:  [Date] [Thread] [Top] [All Lists]