[Dshield] Cut Off China
jayjwa at atr2.ath.cx
Wed Jun 29 02:44:16 GMT 2005
On Mon, 27 Jun 2005, David Cary Hart wrote:
-> > it is definetly targeted at the US and is spewed from hacked
-> > boxes on Comcast, Adelphia, Roadrunner and the like but it seems to have
-> > originated from other countries.
-> It should be noted that most of those "hacked" boxes are in dynamic
-> space which provides another means of blocking.
I've got to disagree here: why bother to hack a box, setup a spam front
to start off whatever operation they have in mind, only to have said box
go offline 20 minutes later because grandma shutdown her PPP connection
after she read her email and the whole thing's now gone to waste? It
doesn't make sense to throw away 'hard work' or effort, even to a
Dynamic != Bad Guy. If anything, it's more of a pain that some of us
unfortunately have to put up with given our situations, but that is
another story. As far as blocking based solely on one's connection status
to the Internet, I think that that would have to be considered even more
prejudice than banning an entire country like China, as dynamic users tend
to be home users or those without the money to purchase expensive,
high-speed static lines.
Interestingly, of all the spam & email frauds that I've dealt with over
this past week, all of it was from either static DSL lines, or the ISP's
designated outbound mailserver on what appeared to be Unix machines. The
opertunity for the email scams (such as eBay/PayPal) appeared to come from
seriously outdated, known-vulnerable services. None of it was dynamic.
Confidentiality Notice: This email may contain confidential
and privileged information. If in the event that it does,
please send it back to me with a reply telling me how
stupid I am for sending confidential info to a public forum.
More information about the list