Top
Recommendations
Toktumi.com

Get Dropbox!

Tags
Categories
Social
Suggested Reading
  • Think and Grow Rich
    Think and Grow Rich
    by Napoleon Hill
  • Buddha: A Story of Enlightenment
    Buddha: A Story of Enlightenment
    by Deepak Chopra
  • How To Win Friends and Influence People
    How To Win Friends and Influence People
    by Dale Carnegie
  • The Wisdom of Crowds
    The Wisdom of Crowds
    by James Surowiecki
  • Purple Cow: Transform Your Business by Being Remarkable
    Purple Cow: Transform Your Business by Being Remarkable
    by Seth Godin
  • The 7 Habits of Highly Effective People
    The 7 Habits of Highly Effective People
    by Stephen R. Covey

Entries in ip reputations (2)

Friday
Feb132009

Valentine’s Day Spammers

DateFriday, February 13, 2009 at 8:27AM

I came across this article last night, “Botnet Operators Gearing Up for Valentine's Day Spammers try to play Cupid, with a dark twist” by Richard Adhikari with Internet News (http://www.internetnews.com/security/article.php/3802331) and can’t help but think there is nothing new here.

The “bad guys” are well funded and have developed sophisticated tool-sets to evade detection by content driven and IP reputation based security systems.

While I’m not extremely familiar with the term “fast flux DNS,” this is a perfect illustration of why DNS blacklisting (a.k.a. IP reputations) is such a waste of time as currently implemented by folks like Websence, etc. The “bad guys” know that as long as they are competing against reactive technologies like content filters and DNS blacklists they will ALWAYS be ahead of the curve.

AuthorTal Golan | CommentPost a Comment |
tagged in
Friday
Jan162009

Zombie PCs Attack

DateFriday, January 16, 2009 at 12:41PM

Internet News published this article yesterday, about zombie PCs (http://www.internetnews.com/security/article.php/3796526/The+Webs+Latest+Threat+Smarter+Zombies.htm) getting smarter and harder to track, as they are regularly asking for new IP addresses from their ISPs, ultimately rendering anti-spam software that works by blocking IPs now useless:

Unfortunately, my first thought reading through this is a big “I told you so” to the universe of security experts who keep insisting that IP reputation is the silver bullet in the ongoing war against spam and other e-mail bourn threats. Commtouch (www.commtouch.com) is a world recognized expert in the field of IP based reputation and should be taken at their word. If they say that IP reputation is finally dead, I would agree.

The fact that IP based reputation schemes are flawed has been well known to Sendio (www.sendio.com) for years. We have always believed the only type of security that really works is active security. All of the current IP reputation schemes are passive/reactive; employing complex algorithms to make guesses based on patterns and probabilities. Clearly, in a world where there is big money at stake, the bad guys are highly motivated to find mechanism that allow them to evade these passive security paradigms.

I believe the time has come for the security community-at-large to recognize that we need to move away from passive guessing schemes to active authentication methodologies.

AuthorTal Golan | CommentPost a Comment |
tagged , in