Europe Home to Majority of Zombies
Rei writes "According to a recent CipherTrust study, the majority of Zombie PCs reside not in the US or China, but in Europe. Of the European zombies, 2/3 were either in Germany, France, or Britain. The results were released with the announcement of CipherTrust's new ZombieMeter. As a response to previous reports of high zombie activity, the London Action Plan launched Operation Spam Zombies in cooperation with numerous governments around the world."
Re:isn't surprising (Score:2, Insightful)
Re:Why is this so? (Score:5, Insightful)
I'm surprised there isn't an RBL for zombies yet (Score:5, Insightful)
I worked at Netcom when we ended up on the RBL. We did not have strong Spam protection; for example, our credit card verifier did not contact the credit card company before giving someone internet access. Even after being placed on the RBL, management was unwilling to expend the resources needed to stop our Spam problem; they thought the RBL would just go away. Meanwhile, the number of people calling or emailing technical support because they could not send mail doubled (I helped make some graphs showing the increase in emails to tech support to convince management that this was a real problem). It took months for management to wake up, smell the coffee, and make it harder for spammers to get throw-away accounts on Netcom's network.
(For NANOG regulars at the time: It was I who wrote the "Keman-bot")
A similar list needs to be set up; if a given ISP has zombies and does not cut off said zombies from the internet, the ISP needs to be blacklisted RBL style. Maybe then management will do something about the zombie problem--such as cutting off zombie machines from the internet (redirecting all HTTP queries to a "You're a zombie so we cut you off" page, for example).
Re:duh (Score:5, Insightful)
As a safety measure, the IP address has to be reported by X number or percent of the participating Postfix hosts to be considered valid.
Any IP address is added for a short period of time, say 72 hours, so if it's a machine that is hacked and quickly fixed the IP isn't blacklisted forever.
It seems like a distributed, real-time system like this would be effective.
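The scheme sketched in the comment above (a quorum of reporting hosts plus a 72-hour listing lifetime), as an added example that is not part of the original thread. The `ZombieList` class, the `mx*.example` host names and the 50% quorum are hypothetical choices for illustration; no Postfix integration is shown.

```python
import ipaddress
import math

TTL_SECONDS = 72 * 3600  # listing lifetime suggested in the comment ("say 72 hours")

class ZombieList:
    """Quorum-based, expiring blocklist fed by reports from participating mail hosts."""

    def __init__(self, participants, quorum_fraction=0.25, ttl=TTL_SECONDS):
        self.participants = set(participants)
        # Distinct reporters required before an IP counts as listed (never fewer than 2).
        self.quorum = max(2, math.ceil(len(self.participants) * quorum_fraction))
        self.ttl = ttl
        self.reports = {}  # ip -> {reporter: time of that reporter's latest report}

    def report(self, reporter, ip, now):
        if reporter not in self.participants:
            raise ValueError("unknown reporter: " + reporter)
        ip = str(ipaddress.ip_address(ip))  # normalise the address, reject garbage
        self.reports.setdefault(ip, {})[reporter] = now

    def is_listed(self, ip, now):
        ip = str(ipaddress.ip_address(ip))
        seen = self.reports.get(ip, {})
        # Only reports younger than the TTL count; a host reporting many times counts once.
        fresh = [r for r, t in seen.items() if now - t < self.ttl]
        return len(fresh) >= self.quorum

    def expire(self, now):
        # Drop stale reports so a cleaned-up machine falls off and memory stays bounded.
        for ip in list(self.reports):
            self.reports[ip] = {r: t for r, t in self.reports[ip].items() if now - t < self.ttl}
            if not self.reports[ip]:
                del self.reports[ip]

def demo():
    hosts = ["mx%d.example" % i for i in range(1, 9)]  # constructed participants
    zl = ZombieList(hosts, quorum_fraction=0.5)        # 8 hosts -> quorum of 4
    for _ in range(10):
        zl.report(hosts[0], "192.0.2.10", now=0)       # one noisy reporter only
    single = zl.is_listed("192.0.2.10", now=1)
    for h in hosts[1:4]:
        zl.report(h, "192.0.2.10", now=3600)           # three more hosts agree
    quorum_met = zl.is_listed("192.0.2.10", now=7200)
    # Just past 72h the first report is stale, leaving 3 fresh reporters (< 4).
    after_ttl = zl.is_listed("192.0.2.10", now=TTL_SECONDS + 1)
    return single, quorum_met, after_ttl

if __name__ == "__main__": print(demo())
```

Counting distinct reporters rather than raw reports is what keeps a single misconfigured or compromised participant from listing an address on its own.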
Re:This might give us a hint ... (Score:1, Insightful)
This book could save your life!
Re:This is so obvious. (Score:2, Insightful)
Yes, and Shaun of the Dead last year made it even more clear.
Re:That's easy. (Score:1, Insightful)
Re:flawed study (Score:1, Insightful)
Yes, Europeans are very, very good at considering the statistics for Europe as a whole when that's to their advantage (such as comparing to the US's GDP), and considering themselves separate countries when *that's* to their advantage, such as in spam statistics.
(I'm just an AC, but c'mon, this is insightful dangit!)
Re:Hooray for the Internet (Score:1, Insightful)
Re:That isn't what the Zombie Meter says... (Score:2, Insightful)
I thought that the cause of all those zombies rather was a stupid OS from some Redmond company...