Asian Flu
Viruses that look like they're coming from China actually start out in the U.S. of A.
Dr Seamus Phan [KnowledgeLabs News Center] | POSTED: 11.10.03 @00:01
As a geek and Internet security strategist, I make every effort to understanding just what was installed on our network, and to gain hands-on knowledge. As a result I have installed, tweaked, and worked on Linux, FreeBSD, Mac OS X, Windows XP, Apache, Sendmail, Postfix, and just about anything that the Internet bandwidth can be consumed by. What prompted me to be so hands-on in understanding the guts of operating systems and server software when I could have been relaxing in a summer resort?
...
If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.
...
alwayson-network.com |
