Roughly 83 percent of inbound SMTP traffic consists of “spam and network intrusion precursors like directory harvest attacks (DHA), email denial of service (DoS) attacks, malformed SMTP packets, messages to non-existent recipient addresses, and other invalid email messages that should not be accepted into enterprise networks,” according to Tumbleweed’s Dark Traffic Report. From Q1 to Q3 of this year, there have been massive increases in Directory Harvest Attacks (up by 170 percent) and Denial of Service attacks (up by 300 percent), while the percentage of inbound traffic that is valid email has dropped to roughly 17 percent.
Tumbleweed implies that the answer is to have better appliances at network boundaries, and that could help. Unfortunately, more systemic solutions — hardened operating systems to prevent the creation of zombie machines, better agreements between ISPs, a hardened DNS, reputation systems for senders, message signing and so on — remain elusive. The really bad news in the report is that the economics of spamming still make it attractive.