|
February 01, 2005
This weblog was under sustained massive comment spam attack on the weekend. I have had to close down commenting, but this has just pushed the spammers to Trackback. There is now a massive trackback attack under way.Junk for code is a link-spam vulnerable blog. So every form of feedback within this blog has become a target.
The spam problem has intensified in the past couple of weeks, with most of it coming from the US. Australian spammers have gone quiet I've had lots spamming about pills, porn and casinos flowing onto on my free outlet, which is then exploited, to pump up the search engine rankings of particular sites.
Clearly money is being made from selling Viagra, porn, and online poker. A lot on money is being made because the consumer demand is there. So the entrepreneurs and marketers see email and comment spam as bulk advertising. So my incoming email traffic consists of approximately 24% legitimate email and 76% spam.
An interview with a spammer.
These link spammers are using my bandwidth and blog space and they are abusing it by putting their commercial messages there. That should be illegal as it represents an invasion of my property.
Spaming has become a production line activity as this diagram of the architecture of a spam attack shows:
It uses zombie networks with the master computer in the circulatory system located in a safe offshore locations (China?)Zombies are personal computers compromised by viruses (or Trojan Horses) that allow the perpetrator to remotely control the machine and direct the attack, often through a botnet. When the network of Zombies receives instructions from its Master, each individual Zombie begins generating a flood of malicious traffic aimed at a single target/victim machine or network. That is the architecture of a distrubted denial-of-service attack.
The tools to increase the sophistication of these sorts of attacks are being developed by programmers. The next step is to control, or take over the servers, that can be used to launch attacks so that a vast inventory of well-connected Internet reflection servers can be obtained and managed. The end user is vulnerable to this reflection server attack since the heavy packet flow will no longer be discernible, as it will have diffused into neighboring routers rather than following a single path.
The heavy packet flow will no longer be discernible because it will have diffused into neighboring routers rather than following a single path.
Is there a design flaw in the old network technology of the internet?
|
That last diagram reminds me of 'Knowledge Nation'