Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Blogs
    • Security Watch

    So Long McColo Lows, Oh Well

    By
    Matthew Hines
    -
    February 7, 2009
    Share
    Facebook
    Twitter
    Linkedin

      Well, here’s what we learned from the McColo experiment that was so cleverly pulled together by Washington Post blogger Brian Krebs and some other smart folks in the name of stemming malware-laden spam e-mail – attacking spam at its source can work, but, seemingly, not for too long.

      When Krebs et al convinced upstream Internet access providers to cut off services to shady hosting services provider McColo in late November 2008, spam rates fell dramatically, anywhere from 50-75 percent worldwide depending on whose estimates you believe.

      But, just as experts began to predict just a few days after the massive coup, it now seems as if the takedown’s positive effects have been relatively short-lived. Symantec, for one, reported earlier this week that it is again seeing the same volumes of unsolicited e-mail that it was tracking before the anti-McColo effort was launched.

      To anyone who has listened to people like Arbor Networks’ researcher Dr. Jose Nazario talk about the hydra-like distributed control mechanisms being embedded into the botnets responsible for generating much of this content, and the effect to which that innovation has made it such that no matter which command and control machines you take out on those networks, there’s almost always another waiting to take its place, it’s pretty clear this problem has transcended “epidemic” and segued into “utterly catastrophic.”

      We now have to ask ourselves, in light of spam’s recent resurgence, even if we could get all the major Internet service providers of the world to choke off registrars and the like who are clearly abusing their services and generating all of this spam and malware, would that even stop the problem?

      The McColo takedown had a powerful, immediate and stunning effect. But even if you shut down all the McColos of the world, wouldn’t the bad guys simply find a new place to hang their hats, and fairly quickly at that?

      It’s certainly interesting to ponder.

      I’d love to see all the nefarious players openly identified by people like KnujOn, Spamhaus and others squeezed through some concentrated and coordinated effort to have a super McColo-like effect. The in-box and junk mail sfolder silence worldwide would be a pretty cool thing to observe. But who will be the ones to pull this off anyway? Researchers? The government? It’s not clear.

      And, how long after someone pulls that type of thing off, if they can, before the spammers just creep back onto the scene as they always seem to, the ubiquitous marching ants that unflaggingly reappear each Spring to spoil society’s feast at the Internet picnic?

      Seems like not long.

      So, whatever happened to sender authentication? Oh yeah…

      Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to [email protected].

      Matthew Hines

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×