Fighting a spam fire with a DDoS
Monty J. Harder
mjharder at gmail.com
Wed Dec 1 14:14:53 CST 2004
On Wed, 1 Dec 2004 13:40:25 -0600, Jeremy Turner <jeremy at linuxwebguy.com> wrote:
> Of course, if the zombie computers attract too much attention from the
> ISP in terms of bandwidth or such, the zombies could be shutdown that
> way. Not nice, but effective.
>
> I couldn't get to the initial article. That said, a solution like
> sa-exim's teergrubing isn't a bad idea either.
Ich möchte Teergruben! The beautiful thing about it is that it
doesn't shut anything down, b u t b y s l o w l y t
h r o t t l i n g b a c k t
h e s p e e d ....
it ties up the resources of the spambot so it can't send out tons of
email in a short amount of time, which is its entire purpose. The
business model for spammers absolutely depends on sending out millions
of emails to get a handful of hits. If we can just s l o w them
down, it will affect them. If the infected machine gets noticed
because it's no longer functioning, so much the better. (I shut down
an open relay for a customer who had noticed the system was running
slowly, so it can happen!)
More information about the Kclug
mailing list