ietf-asrg
[Top] [All Lists]

RE: [Asrg] 4. Survey of Solutions - Methods of Authentication -Trojans]

2004-03-30 16:34:19
Yakov wrote...

This issues has been raised before. It is out of the scope of our group
to consider how to solve the problem with zombies or trojans.

I totally agree with you

thats why I wrote...


FIRST lets close the open system, not keep on thinking of reasons to boo
hoo
legitimate ideas.


Trojans are another issue entirely.

Regards
Chris


-----Original Message-----
From: yshafranovich02(_at_)sprintpcs(_dot_)com
[mailto:yshafranovich02(_at_)sprintpcs(_dot_)com]On Behalf Of Yakov 
Shafranovich
Sent: Tuesday, December 02, 2003 12:23 AM
To: Chris
Cc: Fridrik Skulason; asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] 4. Survey of Solutions - Methods of Authentication
-Trojans]


This issues has been raised before. It is out of the scope of our group
to consider how to solve the problem with zombies or trojans. While
there are some proposals (MTA MARK) that address the issue, it is
addresses within the realm of dealing with spam.

Yakov

Chris wrote:

I am not sure how high the percentage of spam from zombie machines is,
but it is growing...that much is certain.



Yes it is growing, but will it ever reach the proportions of todays mass
mailing?

I sincerley doubt it. not even 100th of todays spam

the other problem is that in effect we can never stop
compromised machines
therefore we can never stop spam. so should we give up?

We currently have spammers who have an open system. they can
get bulkmail
software from anywhere.

But to trojan a machine to send spam. no way that becomes a
federal crime,
and today I believe it can be even classed as an act of terrorism.

FIRST lets close the open system, not keep on thinking of
reasons to boo hoo
legitimate ideas.

then rename the ASRG to the ATRG (Anti Trojan Research group)

Chris


-----Original Message-----
From: asrg-admin(_at_)ietf(_dot_)org 
[mailto:asrg-admin(_at_)ietf(_dot_)org]On Behalf Of
Fridrik Skulason
Sent: 1 December 2003 7:31 PM
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] 4. Survey of Solutions - Methods of Authentication
-Trojans]



If anyone think spammers will move en masse to trojan systems

to continue

their habit, I believe they are sadly mistaken.

I wouldn't be too sure about that.  I am looking at this problem from a
anti-virus/anti-trojan perspective, and what I am seeing is the
establisnment
of several networks of "zombies", used for spam-related purposes - not
only spamming, but also DoS attacks on anti-spam sites.

The connection between spammers and compromised machines is becoming
clearer and clearer.

The spammers that just buy spam software from companies like
www.saurabh.info,
www.marketing-2000.net, www.massmailsoftware.com or other similar
companies
do not use the zombie nets, that's true...you have to look elsewhere,
for example at the spammers with connections to the Russian criminal
underground.

I am not sure how high the percentage of spam from zombie machines is,
but it is growing...that much is certain.

-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Power tends to corrupt, and absolute power corrupts absolutely" (Lord
Acton)
-------



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • RE: [Asrg] 4. Survey of Solutions - Methods of Authentication -Trojans], Chris <=