Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Flood Unabated After Bust

Posted by kdawson on Monday October 20, 2008 @11:30AM from the removing-a-cup-of-water-from-the-sea dept.

AcidAUS writes "Last week's bust of the largest spam operation in the world has had no measurable impact on global spam volumes. The spam gang, known by authorities and security experts as HerbalKing, was responsible for one-third of all spam, the non-profit antispam research group Spamhaus said." The article speculates that the operators of HerbalKing simply passed on to associates the keys to the automated, 35,000-strong botnet, and the spam flow didn't miss a beat.

1 of 188 comments (clear)

Min score:

Reason:

Sort:

Re:This type of thing is only going to continue by Fastolfe · 2008-10-20 13:30 · Score: 4, Informative

Even if it has a firewall, it's probably third-party software, and as such, doesn't start until after the network interface is up and running, leaving a huge (by computer standards) window of opportunity for the box to get pw0ned. And, of course, the same is true for any anti-virus running.

First, XP has a firewall built in. It's not likely to be "third-party software". Second, firewalls and virus scanners use the same Windows Filtering Platform to do their work. This platform installs boot-time filters that are in effect until the user-mode software is finally up, at which point there's an atomic hand-off. At no time is the system open to any sort of "window of opportunity" like you describe.