[Scspamcop] Re: OT, Ralsky Indictment (Link)
Farelf
user at domain.invalid
Sat Jan 5 19:31:06 EST 2008
Sofa King Tyred of Lar Ting wrote:
>
> Developing countries will go through the same learning curve for
> "security competence" that European, North American, etc. countries went
> through. It spans across the entire sector: from the ISPs, to the PC
> retailers, to the end users.
>
> There will be zombie "markets" that are available for a long time to
> come, IMO.
Truth. A peek at a live botnet is currently afforded by looking at the
hosting of greatcanadianpharm.com (using nslookup or whatever). A
changing list of 15 addresses should be shown, with a few different ones
coming into play every few minutes - doesn't take long to see 50 or more
different addresses. 75% of which are east Asian - China, Japan, Korea
(Comcast and AT&T making up most of the rest). May not be
representative but I'm supposing it is.
Which is sort of reassuring in terms of the "security competence" bit.
I had assumed our "competence" mostly consisted of "our" ISPs simply,
silently, blocking and dropping suspect outgoing. But that wouldn't
explain the relative weighting of the webhosting seen (Comcast and AT&T
being a size thing, fairly clearly). So, yeah, may indicate relative
security competence (times size). I'm a little surprised Japan is
strongly represented in the botnet, Brazil is not. Size maybe. Or I
could be completely wrong :).
Steve
More information about the SCspamcop
mailing list