Re: [anti-spam-wg@localhost] European open proxy hijacking (not op, but op hijacking) - someone working on this?
- Date: Tue, 16 Sep 2003 15:01:57 +0200
- Organization: Telia Net
Claes Tullbrink wrote:
> Don't know how many of you has observered (or more;) Ronald F.
> Guilmettes open proxy hijacking project, listing the most used
> providers (with their backbone) from where open proxies is feed (to be
> clear, that is: *not* the net with most open proxies, but the net
> *feeding* those open proxies on other nets).
Yes, I have seen it.
> A (volume) top 40 list is posted in NANAE and at least in some
> anti-spam mailing lists, and now at
> <www.monkeys.com/upl/top-20030912.post> as well.
I have seen that as well.
> Most (among those the top 12) is US, but there are some European as
> well. RFG may be a PITA, but his usually know what he talks about, and
> I think you'll agree that just stopping the open proxies isn't enough,
> new proxies are found and exploited each [whatever short period of
> time], but cut off the feeders, and maybe it will make a difference.
That is stepping into a tarpit that some providers
are carefull not to step into. I knew that some
providers are filtering/blocking traffig from what
is considered "rough sites". But filtering is a
to hot potato to touch for some.
> So:
>
> telecomitalia.it / seabone.net
> Telia.net / mtu.ru
> MCI UK / RTComm.RU
> Sprintlink DE / Schlund.de
Hey, it's us ;-)
> ... anybody here knows if it's noticed and handled at those fine
> companies? Amar?
Yes. I belive that a lot is handled without the knowledge
of the public. But some providers maybe do more than
others.
Keep up the good work U and Your friends are doing Clas,
Regards
-- amar
