Re: spammers Message #3 Posted by bill platt on 15 July 2004, 11:28 a.m., in response to message #1 by alsaudio
Hi Al,
Well, the thing to realize is that the spam phishing is automated. Sure, there are lots of people doing it (an image comes to mind: some creepy unemployed russian, watching porn and eating snacks in some dismal flat, with a cobbled together server, and an "alarm" on his program which will notify him when he has "caught" either an open port, or a live address etc. Then, he switches off the porn and goes over to his computer to "set the hook and reel 'em in".....I don't mean to pick on russians---probably just as many americans----just that the span got so bad at one of the US' major ISP's about a year ago--and over 50% of the spam came from an "ru" domain--and another huge chuck was originating from china---for a while, they simply shut down all comms from .ru).
But the point is that the phishing is automated. One day, our chief of IT and programming, set up a server, with a simple password, and ramped it onto the internat to see what would happen. Within 30 minutes, a phisher had cracked the code, and replaced command files, and therefore had a direct control. It was a demonstration test---and very effective! Having an unprotected port for even a few moments can lead to catastrophe if you have a mission-critical machine accessible thru that port.
The best remedy IMO is to *never* leave your real address---either cloak it --- and something better than NOSPAM (as the phishers filter for that) OR better yet, put your address on a web-site, in graphics, and point all potential contacts to that website:
http://plattdesign.net
where they will get your current address. As this requires hand-work, a phisher will not do it (he would rather watch porn.....)
Don't give up on the Forum--it is just a matter of staying one step ahead.
Best regards,
Bill
|