Should ISPs control what applications their customers can run?
frankly and truly, i would be satisfied if isp's wouldn't run outlook/exchange
in their noc/abuse departments, so that they could safely accept mime-mail
rather than bouncing it as their only means of keeping themselves virus-free.
On Mon, 16 Jun 2003, Paul Vixie wrote:
Should ISPs control what applications their customers can run?
frankly and truly, i would be satisfied if isp's wouldn't run outlook/exchange
in their noc/abuse departments, so that they could safely accept mime-mail
rather than bouncing it as their
On Mon, 16 Jun 2003, E.B. Dreger wrote:
Has ML also discovered it's pretty much up to service providers
to combat this, and that it is far from the most pressing issue
law enforcement has on their proverbial plates?
law enforcement seems to be much more interested in prosecuting
hard to
Dan Hollis wrote:
law enforcement seems to be much more interested in prosecuting
hard to trace underage script kiddies, that it does prosecuting easily
traceable adult porn spammers who trojan 1000's of peoples machines.
I suspect that the latter can pay for 'lobbying' better. Cough.
Peter
Stephen J. Wilcox wrote:
Hmm where do you draw the line.. peer2peer file sharing, MS
Networking, SMTP, telephones, snail mail, visiting foreign countries,
meeting people at all.. ?
I am a very very poor student of history (my secondary school only offered a
strange variety that I never paid
why can't multibillion dollar companies figure that out? it does mystify
me :)
The only lame excuses I can come up with are possibly:
laziness, stupidity, ignorance, complacency, fear of non-compliance (but
I think that's a stretch) and perhaps the raccoon mentality of 'it's new
and shiny - I
: I don't know what proof MessageLabs has, but they report that spammers
: are breaking into home PCs of unsuspecting users to send junk mail.
I see quite a bit of this; mostly from DSL customers. What few spam complaints
we get are by far sent by this method. The users have no idea their boxes
therefore
3) why would anyone ever run outlook
i love outlook2003. no joke, i use it every day. whenever i get an
attachment that seems reasonable and i need to open it, i put it in the
folder that outlook can see, and i read it. i also share a calendar (in
three directions) using
In message
[EMAIL PROTECTED], Sean
Donelan [EMAIL PROTECTED] writes
If I think
a grocery store in Ireland is charging too much for potatoes, can I
ask the Irish government to order the grocery store to change its price
on potatoes?
If the grocery store had a monopoly on selling potatoes in
On Mon, 16 Jun 2003, Sean Donelan wrote:
I don't know what proof MessageLabs has, but they report that spammers
are breaking into home PCs of unsuspecting users to send junk mail.
http://www.vnunet.com/News/1141610
Spammers are increasingly hijacking home PCs to send junk mail,
The problem - to try to steer this bus back onto topic - is the sheer amount
of self-policing that the powers-that-want-to-be want us to do. Or it
becomes our fault.
Who should do the policing then Peter?
Neil J. McRae wrote:
The problem - to try to steer this bus back onto topic - is the
sheer amount of self-policing that the powers-that-want-to-be want
us to do. Or it becomes our fault.
Who should do the policing then Peter?
The police ?
From a viewpoint in the UK, the real police (as in
On Mon, 16 Jun 2003, Peter Galbavy wrote:
By trying to get around this and requiring soft targets, such as
under-represented (OK - under-lobbied to be accurate) industry segments like
ISPs, to do this work 'unpaid' is a way of making the politicians look
competent and make any self-policed
On Mon, Jun 16, 2003 at 05:46:07AM +, E.B. Dreger wrote:
MessageLabs just now realized this? AFAIK, this and open proxies
are pretty much _the_ standard vectors nowadays for spamming.
Has ML also discovered it's pretty much up to service providers
to combat this, and that it is far from
the thing that actually burns my hash, is when my spam
complaints or noc correspondance are robotically bounced because they
contain dangerous mime attachments of type message/rfc822 (spam
examples) or text/plain (traceroute or tcpdump output). if your noc
or abusedesk has such a robot
On Mon, Jun 16, 2003 at 03:43:41PM +0100, Brandon Butterworth wrote:
the thing that actually burns my hash, is when my spam
complaints or noc correspondance are robotically bounced because they
contain dangerous mime attachments of type message/rfc822 (spam
examples) or text/plain
3) why would anyone ever run outlook
why can't multibillion dollar companies figure that out? it does mystify
me :)
It has been my experience that multibillion dollar companies are all in bed
with Microsoft to some degree. Can't bite the hand that feeds you,
apparently (no matter what the
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Brandon Butterworth
Or they may be happy thinking their NOC is more 0day virus proof rather
than hoping a 3rd party will update their scanner in time
Who'd want to risk the NOC falling to the same
Sean Donelan wrote:
Except this is not self-policing. ISPs are not being asked to
police
what ISPs do. For the most part ISPs don't attack their customer's
(or anyone else's) computers. Remember, the traffic generally flows
THROUGH
the ISP's network, it doesn't come FROM the ISP.
OK -
Getting SPAM from 118.189.136.119 relayed by rr.com ?
this network is not allocated, nor announced. I have been looking everywhere
to find if it has been announced (historical bgp update databases, like RIS
RIPE / CIDR REPORT / etc..)... I didnt found anything this probably mean
rr.com is
Received: from [118.189.136.119] by smtp-server1.cfl.rr.com with NNFMP;
what's the next/previous line? (The one just above it)
Kind Regards,
Frank Louwers
--
Openminds bvbawww.openminds.be
Tweebruggenstraat 16 - 9000 Gent - Belgium
On Mon, 16 Jun 2003, Frank Louwers wrote:
Received: from [118.189.136.119] by smtp-server1.cfl.rr.com with NNFMP;
^
what's the next/previous line? (The one just above it)
ditto. I think you've been fooled by
On Mon, 16 Jun 2003, Paul Vixie wrote:
therefore
3) why would anyone ever run outlook
i love outlook2003. no joke, i use it every day. whenever i get an
attachment that seems reasonable and i need to open it, i put it in the
folder that outlook can see, and i read it. i also share
On Mon, 16 Jun 2003 17:33:11 +0200, Pascal Gloor [EMAIL PROTECTED] wrote:
| Getting SPAM from 118.189.136.119 relayed by rr.com ?
|
| this network is not allocated, nor announced. I have been looking everywhere
| to find if it has been announced (historical bgp update databases, like RIS
| RIPE
I think pauls point may be:
If they use text based mailers
I know, intrinsically safe is good but that's not what managment
wants so you end up with bodges to make their choices safer. Some
people may go too far
It's a lot harder to open up a microsoft executable on a *nix
[EMAIL PROTECTED] (Brandon Butterworth) writes:
I think pauls point may be:
If they use text based mailers
text based is not what i'd require. professional grade is the right term.
that can be anything from xmh to eudora as long as it was written to stand
up to the worst the
Christopher L. Morrow wrote:
yea, if my sister in-law (who barely knows what 'computer' means most
times) can come to the conclusion that:
1) all email viruses of note are outlook targetted
2) everyone with outlook gets viruses
therefore
3) why would anyone ever run outlook
why can't
Look carefully at the headers again. I have seen a few like this running
around. The IP listed is not actually an IP, but marked as a supposed
FQDN. The ones I have seen appear to originate out of brazil for the most
part. I do not have a sample handy at the moment, but if someone wants it
(for
There is a report of a fiber cut in New Jersey affecting some Global
Crossing service near Newark and other mid-Jersey cities. WATS/800
service through some other providers was also impacted. Depending on
circuit routing, it may also affect some services in nearby states.
A splicing crew has
On Mon, 16 Jun 2003 15:47 (UT), [EMAIL PROTECTED] wrote:
| I've never heard of the NNFMP protocol
It's the latest spammer exploit the Network Nonsense - Fools Most People
exploit. You've not been hit by that one yet, then?
On Mon, 16 Jun 2003 17:47 (UT), Wayne Tucker [EMAIL PROTECTED] wrote:
On Mon, 16 Jun 2003, Bill Robbins wrote:
Chris/Nanogians,
Block hijacking appears pretty popular nowadays.
yes :(
One member of our local exchange had a request to advertise this unused
block: 160.122.224.0/20. It appears it was also a UBE related hijack
attempt, which failed
Did anybody ever hear about IP-addresses which get a slow treatment from
some http servers ?
We have a 195.212.127/24 out of a /16 PA range which is behaving very odd
with multiple WEB servers but works fine with most others.
When we configure an IP out of 195.212.127/24 on an direct Internet
Daniel,
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [Mon 16 Jun 2003, 22:52 CEST]:
Did anybody ever hear about IP-addresses which get a slow treatment from
some http servers ?
Do you have reverse DNS in order? Seems you have a lame delegation.
This could explain the timeout, provided that the
On Mon, 16 Jun 2003, William R. Lorenz wrote:
Can someone with a bit of experience in telco line engineering speak to
IntraLATA vs. InterLATA DS-1 circuit reliability? More specifically, is
it more likely for multiple DS-1 circuits to be aggregated using a single
piece of multiplexing
Paul Vixie wrote:
text based is not what i'd require. professional grade is the right term.
that can be anything from xmh to eudora as long as it was written to stand
up to the worst the internet is capable of delivering to it. text based is
my own preferred crutch but you don't need text based
Anyone know what's going on in Boston with Lightship?
Curtis
As far as I could tell, the vector was AOL IM. So, it's not only M$
and outlook. Why oh why are vendors shipping with defaults like no
restrictions on buddy downloads and execution?
Hiya,
The same reason why some linux installs were/are totaly open:
They wanted it to work outta the box.
so i've been doing a bit more research on this.
NSI has *.lame-delegation.org which is used on zones where
selected or all NS are not valid for a zone.
some zones have a lame-delegation.org NS listed *AND* a
NS that is answering for the zone.
most zones have all NS's listed as
It should be easy enough to 'follow the money' by seeing who's doing the
selling -
Whoever's paying for the advertising should be held accountable for the
spam generated - even by subcontractors.
- Lars
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Speaking on Deep Background, the Press Secretary whispered:
It should be easy enough to 'follow the money' by seeing who's doing the
selling -
Whoever's paying for the advertising should be held accountable for the
spam generated - even by subcontractors.
That's exactly the point the
I name this
Weird-118rr
On Tue, Jun 17, 2003 at 09:48:07AM +0530, Lars Higham wrote:
It would be useful if this exploit could be named and documented at
least for one known instance -
Regards,
Lars Higham
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL
Okay, but what's the trojan signature look like?
How should people be checking to see if they're compromised?
-Original Message-
From: John Brown [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 10:12 AM
To: Lars Higham
Cc: [EMAIL PROTECTED]
Subject: Re: Spam from weird IP
If what they are doing is not ok, what would you propose?
Leaving dns hanging when domain is expired is not right either. Deleting
domains when some other domain is using dns host in it, will cause
problems for registry. They are doing best they can - fast rename and
delete domain, then slow
if a domain expires it shouldn't be in the TLD zone, and thats
a seperate issue.
I'm talking about delegations in the gTLD zone that reference
name servers that are INVALID. These *.lame-delegation.org
machines are NOT under the authority of NSI, the service
provider who's IP NSI has tagged
On Tue, 17 Jun 2003, David Lesher wrote:
That's exactly the point the attny made during the FTC conference.
There are mighty few spammers that don't want your money. That's
your gotcha.
The FTC need to run some sting operations and nab these clowns trojaning
everyones computers. Should be
Speaking on Deep Background, the Press Secretary whispered:
That's exactly the point the attny made during the FTC conference.
There are mighty few spammers that don't want your money. That's
your gotcha.
The FTC need to run some sting operations and nab these clowns trojaning
46 matches
Mail list logo
