ietf-asrg

Re: [Asrg] Countering Botnets to Reduce Spam

2012-12-15 11:33:22
On 12-12-15 11:38 AM, Barry Shein wrote:

On December 14, 2012 at 10:08 clewis+ietf(_at_)mustelids(_dot_)ca (Chris Lewis) wrote:

 > Compromised Linux machines (mostly servers) are now responsible for ~40%
 > of all spam.

Any information on how they are being compromised?

- Wordpress and Joomla seem to be subject to a never-ending blizzard of
various file-upload compromises.  While ensuring that the customers
using them are using the very latest patches seems to help a _lot_,
that's apparently something that not all hosters attempt to enforce, and
tomorrow there'll be another compromise discovered.

- Some multi-host platforms are inherently leaky.  IIUC, cPanel has anon
ftp turned on by default.

- Files uploaded via compromised customer userid/password are extremely
common, and have been for quite a while.  Small-medium environments are
under surprisingly high phishing pressure.  Even my teensy regional ISP
is subject to a never-ending wave of phishes.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg