Storage Daily
Security Daily
Networking Daily
 FREE NEWSLETTERS
search
 

follow us on Twitter


internet.commerce
Be a Commerce Partner

internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers


Security Products
 WebAllow (Ashkon Technology LLC)
 USB Port Protection Software (Keylogger)
 Google Chrome Password Recovery (XaviWare Software Ltda.)
 Access Password Recovery (Barcode Design Software)
 Lock Folder Lock File! (Lock Folder Lock File! Software)
 Recover Thumb Drive Files (Data Recovery Software Downloads)
» Enterprise IT Planet » Security » Security Features

Stopping Spam before the Gateway: Honeypots

By Steven J. Vaughan-Nichols
November 13, 2003

Email Print Digg This Add to del.icio.us
Do you want to be aggressive, very aggressive in stopping spam? Then what you might want to do is to set up a fake open proxy or e-mail relay as a honeypot.

Honeypots are an ancient, but still effective security tool. Traditionally a honeypot is a server that looks like it has very attractive files and has a security hole in it. Crackers will then break into the honeypot in search of pirated copies of games, trade secrets or such.

In reality, there's nothing of any real value in the honeypot. By watching who breaks into the honeypot, you can audit would-be attackers as they hunt for the goodies until you know exactly who they are and you can then put the cuffs on them.

Some black-list administrators, notably Ron Guilmette, has taken this basic idea and turned it into an anti-spam approach. It works in exactly the same way. Since a spammer doesn't know what proxies or relays are open to abuse by spammers, they are constantly testing sites for new and vulnerable relays. In fact, a spammer probably has no idea what sites he is using to spread spam. Most simply rely on automatic scripts to find new sites as old open relays are either fixed or knocked off the net by being listed on a blacklist.

If you're not sure yourself about whether your mail servers are open, you should get a copy of Mail Relay Tester or run the Abuse.net mail relay test, and test out your own system.

If you're well past the point of needing such tools, you may be ready to try to nail spammers with a honeypot. The most basic way to do it is to simply set up an insecure mail server, aka relay, and wait for the spammers to come to you.

Then, one simply reads your incoming log for visitor's IP address, looks up what ISP owns that IP address and report to the ISP that they have a spammer at X IP addresses as a member. Or, as Brad Spencer, a retired systems manager for the University of Wisconsin and honeypot advocate puts it, "Boom! There went the much-exaggerated 'anonymity' of the spammers."

If you don't want to build your own open relay honeypot, you can simply download a complete package like Jackpot, which is a ready-to-run Simple Mail Transport Protocol (SMTP) relay honeypot, Bubblegum Proxypot. Bubblegum is written in Perl and runs on Linux, but its developer believes that it should run on most Perl-friendly systems.

Page 2: With Rewards Come Risks

Go to page: 1  2  Next  

Email Print Digg This Add to del.icio.us

Security Features Archives




The Network for Technology Professionals

Search:

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers

Solutions

Whitepapers and eBooks

Intel Whitepaper: 2010 Intel Core vPro Processors Overview
Article: Adobe Helps PHP Developers Create Rich Internet Applications
Article: Reduce Your Infrastructure Costs with Microsoft System Center
Intel Brief: Five-Star IT Support--Intel Core 2 processor with vPro Delivers ROI of 524 Percent
Article: Security Enhancements Abound in Windows Server 2008
Intel Whitepaper: Implementing Intel vPro Technology to Drive Down Client Management Costs
Microsoft Whitepaper: Improve Communications and Collaboration
 Intel Article: Intel Core i5 vPro Brings Intelligence to the Processor
Microsoft Personalized Whitepapers and Resources for You
Microsoft Articles: Visual Studio 2010
Adobe Article: Java Developers Finding a Home at Adobe Flex
Microsoft Whitepaper: Make Better Decisions - SQL Server 2008 Business Intelligence.
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

IBM Cloud Computing for Developers Virtual Event, April 6-8
Micro Focus Webcast: Boosting the Impact and Effectiveness of Software Development QA and Testing
Microsoft Webcast: Simplified Access and Single Sign-On
Intel Video: 2010 Intel Core Processor Technologies
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Adobe Download: Tour de Flex Application and Explore Flex
HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us
 Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Free Adobe Online Flex Training: Check Out this Video Training Course Here
Learn Unified Communications
Learn SQL Server 2008
Learn Windows Server 2008 R2
Internet.com Hot List: Get the Inside Scoop on IT and Developer Products
 Learn Forefront
Learn System Center
All About Botnets
Learn SharePoint
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES