[Dshield] Extreme increase in spam attempts... any one else seeing similar event?

jayjwa jayjwa at atr2.ath.cx
Mon Aug 20 10:57:11 GMT 2007


On Fri, 17 Aug 2007, WebMaster at Commerco.Net wrote:

-> I'd argue that, rather than calling it spam as Dotzero suggests, this kind 
-> of activity should rightly be termed and considered a direct and deliberate 
-> form attack upon a targeted network by the originating party of the 
-> spam, whom I contend, deliberately use these kinds of SPF "challenged" 
-> MTAs as their "bot"attackers.

This sounds very much like what I was reporting awhile back with the PDF spam 
stuff. Only my increase came Aug 1st., died down, then flared back up.

-> It cannot be viewed as anything else these day, given that the "joe job"
-> could have been just as easily done with an attackers own "throw away"
-> domain name(s).  Instead, they clearly and deliberately chose to
-> directly attack another party's domain name(s).

I ended up null-routing a host/domain for about 4-5 days :(


-- 
"I will not respond to questions about what,
if any, Tor nodes I operate."  -Fed-hat HD Moore
http://archives.seul.org/or/talk/Mar-2007/msg00131.html
http://www.securityfocus.com/news/11447


More information about the list mailing list