[Dshield] Joe-job aftermath
nlindq at maei.ca
Fri Oct 3 16:53:17 GMT 2003
We've been the victim of a joe-job which started last Friday and
proceeded for a week (it's finally let up this morning, but that
could be temporary). I've collected a ton of bounce messages (looks
like the spam run was directed primarily at Hotmail and MSN).
Unfortunately it appears that each message was relayed through a
different blind proxy, so I've been unable to trace the original
spammer(s) so far. Does anyone know of a way to correlate open
proxies with those who exploit them?
Any other suggestions as to possible action we could take? I've
already spoken to our ISP, but they have no ideas.
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.
More information about the list