Gareth Davies wrote:
When it is coming from any major U.S. ISP, a copy of the firewall logs, along with the time and timezone e-mailed to the abuse@ and the security@ seems to stop it for a while.---- Original Message ----- From: "Christopher R. Hertel" <[EMAIL PROTECTED]> A curious article:http://www.wired.com/news/technology/0,1282,55795,00.htmlIt says that the Messenger Service Spammers are using port 135, which means that they're not using regular WinPOPUP stuff (the <03> names on port 139). I do, in fact, see connect attempts to port 135 in my home firewall logs. (I think they should be called slimewalls.)
It looks like the author of the spamware issued a press release and conned a bunch of reporters into giving them free advertising.I'm guessing that they're doing something RPC-related that has, basically, the same effect. I'm just curious to know what it is...<snip> They are they are using Windows messenger.. net send <ip address> "message goes here"
I have not followed the latest link, but they are hawking the spamware for between $300 U.S.D. and $700 a copy.
There was also a report that someone was offering $2000 U.S.D for a program to send such spam.
Here is a great opportunity for Samba Developer's, especially published authors to get their name in print while delivering a clue to these reporters about what the real story is.
-John
[EMAIL PROTECTED]
Personal Opinion Only
