Situational Awareness: Spam Crisis and China

Published: 2009-06-20
by Scott Fendley
Gary Warner, Director of Research at the UAB Computer Forensics, posted a very interesting analysis from the past 48 days concerning the amount of spam which has ties to China. 

The post is a call for increased awareness of the situation with certain registrars and hosting providers in China who have become spam havens in recent times.  It is our hope, as it is Gary's, that by exposing the amount of spam, fraudulent messages, and criminal activity occurring within a few areas of China, those of you who have contacts in China may be able to educate our respective counterparts at ISPs, hosting providers and in law enforcement about the statistics.  With that education, we expect that the government or high-level business personnel will take appropriate steps to mitigate this situation, as has been done with other locations in years past.

Thanks Gary for posting this very enlightening blog located at


With that form of spam crisis in mind for everyone, I am curious if anyone else in higher education noticed that the last couple of classes of freshmen do not use email at an increasing rate.  It has been my observation that, with the spam problems along with the growth of social networking sites like Facebook and Twitter, this future generation will continue the trend away from traditional email delivery in lieu of other forms of messaging.  This seems to be causing some problems within the higher-ed community with how to officially communicate to students without looking like spammers ourselves in these other communication venues.  Perhaps a new crisis is on the way for those of us who must do "official spam" to our organizations.

Scott Fendley
ISC Handler on Duty

G'day from Sansfire2009

Published: 2009-06-20
Last Updated: 2009-06-20 18:46:03 UTC
by Mark Hofman
Well, SANSFIRE 2009 is drawing to a close.  As you may know, SANSFIRE is the SANS conference hosted by the Storm Center.  A number of the handlers give presentations and it allows us to meet face to face, usually over a beer or two.  Yes, we do talk about normal stuff, but there is a fair amount of geek speak during these meetings.  It is a nice opportunity to shoot the breeze, share ideas and even do some planning.  A number of us have never met face to face, so it was very nice to put a face to the email/IM or diary entry.

The various handler talks were webcast and should be available online; I'll put a link in as soon as I know where.

A number of us attended classes and sessions.  Steve H was in 709 Developing Exploits for Penetration Testers and Security Researchers; his head did not explode, and he seems to have gotten through quite nicely.  One of the highlights for me was the Scapy workshop presented by Judy Novak.  I had played a little with the tool previously, but this was something else.  She makes it very simple and from the responses in the room it was very well received.  It might be a bit short to do the workshop in Canberra, but we'll schedule it for Sydney if we can.  Scapy allows you to craft your own packets; it is very flexible and easy to use.  Well worth a look if you need to test an IDS, firewall or just send some packets and play with results.

Anyways, time to pack up and start heading for a plane.

Mark H

