Ignacio Agullo inquired:
Was it necessary to attach dozens of files, about one megabyte of size?
Yes; they're all different, with differing goals, impacts, patterns, and the
like.
I'd also like to encourage others to attempt similar analyses. It's taking me
a
couple of months to gather the data and put it into an order which can be
examined
to find out why and how so many attacks are being made by servers located at
addresses which cannot be traced. These results show that they can be
examined for
country of origin, degree of obfuscation, location of additional addresses,
etc.
There are other months in the year; one person cannot possibly keep up with
the task;
yet there are hundreds of folks picking up the traces left behind in the
headers of
malicious messages; you can find out for yourselves by putting one of the PTR
records
(a.k.a. hostnames) in an Internet search engine, enclosed in quotation marks,
and then
gathering the IP addresses gleaned from malicious Internet traffic by the
many folks
who monitor such traffic. That's another webpage like this excerpt that can
be generated.
George Langford
