|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Stopping open proxies and open relays
On Fri, 6 Feb 2004 22:43:39 -0600 (CST), Adi Linden wrote: >I am looking for ideas to stop the spam created by compromised Windows >PC's. This is not about the various worms and viruses replicating but >these boxes acting as open relays or open proxies. > >There are valid reasons not to run antivirus software, coupled with >clueless users, this results in machines that SPAM again just a few hours >after having been cleaned. First step is correctly to specify the system's properties. Yours is not a technical issue but one of user negligence. You have to build the solution around this fact. Curative measures that have worked elsewhere are: 1-Scan every client when it accesses 2-Disconnect compromised clients or route only to a warning page allowing access only to your tech support 3-First cleanup and advice to owner of compromised machine on how to be a good internet member is free; second costs $100; third results in permanent discontinuance of service and refusal to accept back as a client. These measures will fix your problem. Jeffrey Race
|