[OWASP-Ireland] Escalating war with spammers:

Brian Honan brian.honan at bhconsulting.ie
Mon May 22 12:12:14 EDT 2006


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Blue Security Kicked While It's Down
http://blog.washingtonpost.com/securityfix/2006/05/blue_security_surre
nders_but_s.html
Looks like the Spammers really have had it in for Blue Security. 
They apparently attacked the companies Blue Security was using to
provide DDOS protection.  This has resulted in a number of other
companies also being affected.


Brian Honan
BH Consulting
Helping You Piece IT Together
T:   +353-1-4404065
M:   +353-868114066
E:   brian.honan at bhconsulting.ie
W:   www.bhconsulting.ie

Supporting Global Security Week http://www.globalsecurityweek.com

This message is for the named person's use only. If you received this
message in error, please immediately delete it and all copies and
notify the sender. You must not, directly or indirectly, use,
disclose, distribute, print, or copy any part of this message if you
are not the intended recipient. Any views expressed in this message
are those of the individual sender and not of BH Consulting.
- -----Original Message-----
From: owasp-ireland-admin at lists.sourceforge.net
[mailto:owasp-ireland-admin at lists.sourceforge.net] On Behalf Of Eoin
Sent: 22 May 2006 12:31
To: Tony Palmer
Cc: owasp-ireland at lists.sourceforge.net
Subject: Re: [OWASP-Ireland] Escalating war with spammers:

<rant>
There was one suggestion to fight spam,
Charge per mail!! I Dont think it would ever work but it may force
owners of vulnerabile mail servers to tighten up and mail relay
spoofing could be reduced.

Also one thing to note is we all get much more spam in real life,
look ato all the junk mail we get in our postbox! (Waste of paper in
my view, like email spam is a waste of electricity).
Talking about wasting electricity, wouldnt it be nice to charge for
power consumption your CPU/memory etc uses in  processing spam email,
wounder if this would ever work (doubt it).

So Whos going to Belgium next week?
</rant>
Eoin




On 22/05/06, Tony Palmer <tony.palmer at vordel.com> wrote:
>
>
> Well there are three courses of action that I can see.
>
> 1. We continue with spam filters and legal threats. The business
> value  of email decreases to the point where it is not used, and
> other 
> technologies will take over. Already companies are looking at
> things  like IM to communicate with less noise. But that just opens
> up another target. 
>
> 2. Strengthen authentication for mail. ISP's should refuse to route
>  mail that cannot be traced to its point of origin. There are moves
> in  this direction as mentioned already but I'm not sure that they
> will  gain universal acceptance. e.g PKI, make sure all mail is
> signed by  your outgoing mail server. It would be easy to delegate
> trust to 
> certain CA's. I know all the problems with PKI but at the very
> least  all that RSA verification will slow down the throughput, DOS
> by 
> crypto?  ;-)
>
> 3. Something else?
> T
>
>
>
> -----Original Message-----
> From: owasp-ireland-admin at lists.sourceforge.net
> [mailto:owasp-ireland-admin at lists.sourceforge.net] On Behalf Of
> David  Ryan
> Sent: 22 May 2006 11:53
> To: owasp-ireland at lists.sourceforge.net
> Subject: Re: [OWASP-Ireland] Escalating war with spammers:
>
> On 5/22/06, Brian Honan <brian.honan at bhconsulting.ie> wrote:
> [chop]
>
> > The above, coupled with the recent death threats aimed at the
> > people  behind spamhaus, makes one wonder how best do we put
> > these people  out of business?
>
>
> Maybe you can't. Organised crime and racketeering have existed for
> far  longer than this Internet fad. The very fact that some people
> are  attempting to shut down the spammers is resulting in the
> response.  Trying to solve this with technology by "civilians"
> would appear to be a false start. 
>
> Legislation, international cooperation, resources (money money
> money)  ... I don't think there's much hope down that path either
> ;)
>
> Suggestions? Perhaps Minister McDowell could resolve the matter?
>
>
>
> This e-mail is business-confidential and may be privileged. If you
> are  not  the intended recipient, please notify us immediately and
> delete  it. If the  email does not relate to Vordel's business then
> it is  neither from nor  authorized by Vordel. Thank you.
>


- --
Eoin Keary OWASP - Ireland
http://www.owasp.org/local/ireland.html


- -------------------------------------------------------
Using Tomcat but need to do more? Need to support web services,
security?
Get stuff done quickly with pre-integrated technology to make your
job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache
Geronimo
http://sel.as-us.falkag.net/sel?cmd=k&kid0709&bid&3057&dat1642
_______________________________________________
OWASP-Ireland mailing list
OWASP-Ireland at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/owasp-ireland

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRHHi3ou28IDxtc99EQLjpgCeLWjEjBGP8tkPfT4ddZAIW5VSJ+IAn1Xr
lbut+HmFloGqX2xT+LILzlPY
=EdGe
-----END PGP SIGNATURE-----





More information about the Owasp-ireland mailing list