- 1
- 2
- < previous
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
In another phishing case a customer was compromised with a PHP injection and Perl bots were installed.
"I looked around and found five more phishers and the customer removed the site and said they fixed the plug, but the phishers returned," McIntyre said. "It turned out every day the customer was re-uploading the phishing sites and restoring them from a backup."
There is certainly no shortage of bots as McIntyre runs a number of "botpots" based on Unix to attract bots.
This year botpot One has seen some 29,000 bots so far, botpot Two about 200,000 and botpot Three has just under a million systems from over the world.
"The point is we are proactive and if you are not contributing in some way you are making it worse for the Internet," he said. "There is plenty of malware out there and the script kiddies are out there, but the big guys are doing it for the money. It's worrying how much information is out there and how cheap it is. The underground economy is rife with this stuff."
There are now targets for Web-based e-mail systems and the known attack is sent around the world with a one to two percent success rate, but even that's enough.
What else can ISPs do to keep customer accounts secure? Well, according to McIntyre the overall procedure is quite simple.
"We find the problem and we are looking for the trouble," he said. "We have notification ritual telling people they have a problem and we give them free anti-virus tools and try to make the bar as low as possible."
They also use a ticketing system for abuse matters and if your ISP doesn't have one "run away".
"We also created a walled garden environment where the customer can get information online without being put at risk," McIntyre said. "We use policy-based routing for HTTP content and have firewall rules in the router that limits customer traffic."
McIntyre's team is now developing some custom filters as a preventative measure.
"We want to prevent the bot from becoming a spam relay. It is not being used for abuse handling and not based on DPI, its purely port based," he said. "I've got 120Gbps of traffic so show me the hardware that can do DPI on that at a less than the cost of Australia!"
- 1
- 2
- < previous
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
AIIA Challenges the ICT Industry to Reduce Australia's Carbon Footprint 2008-10-08 12:16:00+10
Australian SMBs Love of Mobile Phones and Increased Data Speeds Will Drive Mobile Spending Higher, Finds IDC 2008-10-08 10:21:00+10
VeCommerce Launches Top Ten List of Personal Security Breaches In Lead Up to National ID Fraud Awareness Week 2008-10-07 15:10:00+10
Multimedia Technology signs exclusive National distribution agreement with Freecom 2008-10-07 14:30:00+10
Open Text: Upheaval in the Financial Markets Sharpens the Focus on Information Governance and Enterprise 2008-10-07 13:19:00+10
An EMC Perspective on Data De-Duplication for Backup
Explore the factors that are driving the need for de-duplication and the benefits of data de-duplication as a feature of an organizations backup strategy.
