Silicon Valley Spam-Slinger Knocked out Cold
Russia may not be the only place spam hosts lay in wait. Tuesday of this week San Jose webhoster McColo went offline. The result is that the world's spam rate is now down by three-quarters, at least according to the Washington Post's online service.
On November 11, two ISPs, Global Crossing and Hurricane Electric, purged the California webhosting firm McColo from its services. The next day Cisco subsidiary IronPort announced that worldwide spam activity had fallen off by as much as 75%.
An article on washintonpost.com was what triggered the whole thing. Brian Krebs, the article's author, got a tip-off and notified the two ISPs of the webhoster's criminal activities that had been logged by security firms over the last couple months.
According to Krebs's article, the San Jose based McColo hosts, among other things, some diverse botnets that security firms such as SecureWorks deal with on a regular basis. Botnets are said to be responsible for about two-thirds of the world's spams. McColo also allegedly hosts many illicit child pornography websites, as washingtonpost.com reports and appeals to readers to contact the HostExploit.com website. Linux Magazine Online has since asked for comments from a few spam specialists.
Magnus Kalkuhl is one of them. He works in the anti-virus division at Kaspersky Lab in Germany. His comment: "We can prove that a whole series of botnets are no longer active since McColo was shut down." By his assessment, the affected botnets driven by McColo servers were Srizbi, Rustock and Mega-D, which were sending up to 10 million email spams a day. But even criminal activity involves backups: "It won't be long before the spam business starts picking up again as usual," Kalkuhl says.
Comments also came from Berlin webhoster, mail expert and Linux Magazine author Peer Heinlein. Heinlein identified the shut down servers as "bullet-proof" servers. McColo is, therefore, a kind of provider who promises its clients uninterrupted service even with high complaint rates. Spammers use "bullet-proof" servers either for sending direct and huge quantities of spam mail or as command-and-control servers for botnets to infest and control user PCs.
The tear-down of the McColo servers has cost a lot of spammers their infrastructure, according to Heinlein. "Organizations like Spamhaus, through their undying effort, have provided ISPs with enough earth-shattering evidence for them to take the proper steps." However, Heinlein concurs with Krebs that spammers will be back at their game in no time: "There are a number of other bullet-proof hosters that would love to take over all the suddenly available clients. Spammers will reconfigure things so that this recent cutback will hardly be noticeable."
Indeed, not everyone has noticed the effect. For example, Ralf Hildebrandt, self-professed mail server expert and also Linux Magazine author. He works on contract basis with T-Systems Business Service as technical manager for the CharitéHospital in Berlin. He has noticed nothing of a significant spam reduction: "My statistical graphs show about the same amount of emails and the same amount of rejects."
Customers can take a free test drive of SLES for HPC on the Azure Cloud
San Francisco-based chip company announces their first fully open source chip platform.
The whole distro gets rebuilt on glibc 2.3
Ubuntu Vendor tries to solve app packaging and distribution problem across distributions.
Founder of ownCloud launches the Nextcloud project.
Will The Machine change the way future programmers think about memory?
The new Torus distributed storage system is available under an open source license on GitHub
Juries decides Google’s use of Java APIs Was Fair Use
But if you are not using the latest Linux kernel, your system is insecure.
Home routers will give room for custom firmware but still comply with FCC rules