Re: Interesting new spam technique - getting a lot more popular.

• From: Suresh Ramasubramanian
• Date: Wed Jun 14 00:16:49 2006

• Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=o/JgTRkGOEzrAZsYMMZC37SYm9xI1lSPOX1HZsKsTRtfDkMyLsvwuXYAP7A6+w8cyZ2SyAahcvzrT00LsKJ34aWp5SRXA3iCMb54Rl4eS7Vw9FeJ9uROqysNBTFsy3HaOAgknRgHgZXvTGz13nKyK1f8oSrysd+rzt/d14e001g=

That was not my advice btw - just forwarding on what I saw.

What you say does seem like a "must do" all right - but putting ARP
filters in is actually a reasonable idea.

On 6/14/06, Christopher L. Morrow
<[email protected]> wrote:

On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:
>
> http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html
>
>     * Monitor your local network for interfaces transmitting ARP
> responses they shouldn't be.

how about just mac security on switch ports? limit the number of mac's at
each port to 1 or some number 'valid' ?

--
Suresh Ramasubramanian ([email protected])

• Follow-Ups:
  • Re: Interesting new spam technique - getting a lot more popular. Christopher L. Morrow

• References:
  • Interesting new spam technique - getting a lot more popular. Suresh Ramasubramanian
  • Re: Interesting new spam technique - getting a lot more popular. Christopher L. Morrow

• Prev by Date: Re: Interesting new spam technique - getting a lot more popular.
• Next by Date: Re: Interesting new spam technique - getting a lot more popular.
• Date Index
• Thread Index
• Author Index
• Historical