Linux Today: Linux News On Internet Time.

Unplugging The World's Biggest Spam Host-- Temporarily

Nov 19, 2008, 18:16
"The volume of junk e-mail sent worldwide dropped drastically today after a Web hosting firm identified by the computer security community as a major host of organizations allegedly engaged in spam activity was taken offline, according to security firms that monitor spam distribution online.
Host of Internet Spam Groups Is Cut Off

"In trying to get a sense of the activity attributed to McColo, I put together a flow chart, or mind map, showing McColo's relationship to various sites associated with botnet activity, spam, pharmacy domains, etc...

"The upper right-hand section of the graphic highlights the numeric Internet addresses assigned to McColo that experts, such as Joe Stewart, the director of malware research for Atlanta-based SecureWorks, say were used by some of the most active and notorious spam-spewing botnets -- agglomerations of millions of hacked PCs that were collectively responsible for sending more than 75 percent of the world's spam on any given day (for that sourcing, see the colorful pie chart below, which is internet security firm Marshal.com's current view of the share of spam attributed to the top botnets -- again, click on it to enlarge). In the upper left corner of the flow chart are dozens of fake pharmacy domains that were hosted by McColo.
A Closer Look at McColo

"So why do hosting companies so often seem to tolerate spammers? First, once you graduate to the size ranks of companies like Global Crossing and Hurricane Electric, it’s nearly impossible to police every one of the thousands of customers occupying your network space. The infrastructure for monitoring their activities, even if you had a legal right to do so, would be prohibitively expensive and unwieldy.
McColo and the Difficulty of Fighting Spam

"Behind the scenes of the McColo and Intercage cases, a ferocious struggle is taking place between the purveyors of Web-based malware and loosely aligned but highly committed groups of security researchers who are out to neutralize them.
McColo takedown: Internet vigilantism or online Neighborhood Watch?"