|
Composite Blocking List
In computer networking, the Composite Blocking List (CBL) is a DNS-based Blackhole List of suspected E-mail spam sending computer infections. Overview The CBL takes its source data from very large spamtraps/mail infrastructures, and only lists IPs exhibiting characteristics such as: * Open proxies of various sorts (HTTP, socks, AnalogX, wingate etc.) * Worms/viruses/botnets that do their own direct mail transmission, or are otherwise participating in a botnet. * Trojan horse or "stealth" spamware. The CBL attempts to avoid listing real mail servers, but certain misconfigurations of mail servers can make the system appear infected (for example, servers that send HELO with 'localhost' or a similar incorrect domain.) Entries automatically expire after a period of time. The CBL does not provide public access to gathered evidence. CBL data are used in Spamhaus The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Lin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DNSBL
A Domain Name System blocklist, Domain Name System-based blackhole list, Domain Name System blacklist (DNSBL) or real-time blackhole list (RBL) is a service for operation of mail servers to perform a check via a Domain Name System (DNS) query whether a sending host's IP address is blacklisted for email spam. Most mail server software can be configured to check such lists, typically rejecting or flagging messages from such sites. A DNSBL is a software mechanism, rather than a specific list or policy. Dozens of DNSBLs exist. They use a wide array of criteria for listing and delisting addresses. These may include listing the addresses of zombie computers or other machines being used to send spam, Internet service providers (ISPs) who willingly host spammers, or those which have sent spam to a honeypot system. Since the creation of the first DNSBL in 1998, the operation and policies of these lists have frequently been controversial, both in Internet advocacy circles and occasionally ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
E-mail Spam
Email spam, also referred to as junk email, spam mail, or simply spam, is unsolicited messages sent in bulk by email (spamming). The name comes from a Monty Python sketch in which the name of the canned pork product Spam is ubiquitous, unavoidable, and repetitive. Email spam has steadily grown since the early 1990s, and by 2014 was estimated to account for around 90% of total email traffic. Since the expense of the spam is borne mostly by the recipient, it is effectively postage due advertising. This makes it an excellent example of a negative externality. The legal definition and status of spam varies from one jurisdiction to another, but nowhere have laws and lawsuits been particularly successful in stemming spam. Most email spam messages are commercial in nature. Whether commercial or not, many are not only annoying as a form of attention theft, but also dangerous because they may contain links that lead to phishing web sites or sites that are hosting malware or include ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IP Address
An Internet Protocol address (IP address) is a numerical label such as that is connected to a computer network that uses the Internet Protocol for communication.. Updated by . An IP address serves two main functions: network interface identification and location addressing. Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit number. However, because of the growth of the Internet and the depletion of available IPv4 addresses, a new version of IP (IPv6), using 128 bits for the IP address, was standardized in 1998. IPv6 deployment has been ongoing since the mid-2000s. IP addresses are written and displayed in human-readable notations, such as in IPv4, and in IPv6. The size of the routing prefix of the address is designated in CIDR notation by suffixing the address with the number of significant bits, e.g., , which is equivalent to the historically used subnet mask . The IP address space is managed globally by the Internet Assigned Numbers Authority (I ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Proxies
An open proxy is a type of proxy server that is accessible by any Internet user. Generally, a proxy server only allows users ''within a network group'' (i.e. a closed proxy) to store and forward Internet services such as DNS or web pages to reduce and control the bandwidth used by the group. With an ''open'' proxy, however, any user on the Internet is able to use this forwarding service. Advantages An ''anonymous open proxy'' is useful to those looking for online anonymity and privacy, as it can help users hide their IP address from web servers since the server requests appear to originate from the proxy server. It makes it harder to reveal their identity and thereby helps preserve their perceived security while browsing the web or using other internet services. Real anonymity and extensive internet security might not be achieved by this measure alone as website operators can use client-side scripts to determine the browser's real IP address and the open proxy may be ke ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Worm
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on the law of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming Bandwidth (computing), bandwidth, whereas Computer virus, viruses almost always corrupt or modify files on a targeted computer. Many worms are designed only to spread, and do not attempt to change the sy ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Virus
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses. Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. A computer worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks. Virus writers use social engineering deceptions and exploit detailed knowledge of security vulnerabilities to initially infect systems and to spread the virus. Viruses use complex anti-detection/stealth strategies to evade antivirus software. Motives for creating viruses can inclu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Botnet
A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation. Overview A botnet is a logical collection of Internet-connected devices, such as computers, smartphones or Internet of things (IoT) devices whose security have been breached and control ceded to a third party. Each compromised device, known as a "bot," is created when a device is penetrated by software from a ''malware'' (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols, suc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trojan Horse (computing)
In computing, a Trojan horse is any malware that misleads users of its true intent. The term is derived from the Ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy. Trojans generally spread by some form of social engineering; for example, where a user is duped into executing an email attachment disguised to appear innocuous (e.g., a routine form to be filled in), or by clicking on some fake advertisement on social media or anywhere else. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller who can then have unauthorized access to the affected computer. Ransomware attacks are often carried out using a Trojan. Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves into other files or otherwise propagate themselves. Use of the term It's not clear where or when the concept, and this term for it, was first used, but by 1971 the first Unix manual assume ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
The Spamhaus Project
The Spamhaus Project is an international organisation based in the Principality of Andorra, founded in 1998 by Steve Linford to track email spammers and spam-related activity. The name ''spamhaus'', a pseudo-German expression, was coined by Linford to refer to an internet service provider, or other firm, which spams or knowingly provides service to spammers. Anti-spam lists The Spamhaus Project is responsible for compiling several widely used anti-spam lists. Many internet service providers and email servers use the lists to reduce the amount of spam that reaches their users. In 2006, the Spamhaus services protected 650 million email users, including the European Parliament, US Army, the White House and Microsoft, from billions of spam emails a day. Spamhaus distributes the lists in the form of DNS-based Blacklists ( DNSBLs) and Whitelists ( DNSWLs). The lists are offered as a free public service to low-volume mail server operators on the Internet. Commercial spam filtering ser ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Comparison Of DNS Blacklists
__NOTOC__ The following table lists technical information for assumed reputable DNS blacklists used for blocking spam. Notes "Collateral listings"—Deliberately listing non-offending IP addresses, in order to coerce ISPs to take action against spammers under their control. "Notifies upon listing"—Warns registrants of listed IP addresses or domains (so registrants can take actions to fix problems). Suspect RBL providers Suspect RBL providers are those who employ well-documented patterns of questionable or reckless practices or have questionable actors based on statements or communications from the RBL's principal management to official forums. These practices usually include acceptance of de-listing payments (also known as ransom payments) - which incentivizes fraud - such as is the case with UCEPROTECT/Whitelisted.org. Often, these RBL providers use circular rhetoric such as "only spammers would claim we are illegitimate" in furtherance of their scheme. These RBL providers ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CBL Index
The CBL Index is a ratio between the number of IP addresses in a given IP subnet (Subnetwork) to the number of CBL (Composite Blocking List) listings in the subnet. It may be used to measure how "clean" (of compromised computers) a given subnet is. The higher the number is, the "cleaner" the subnet. The CBL index may be represented in Decibels ( dB) or as CIDR suffix (*/xx). Note: other spam researchers prefer to use a percentage of IPs that are listed in a subnet. Using percentages is better suited for "unclean" subnets because "clean" nets have significantly less than 1% of addresses listed. Rationale The CBL DNSBL (Composite Blocking List) lists IP addresses that are compromised by a virus or spam sending infection (computer worm, computer virus, or spamware). The CBL's full zone (data) is available publicly via rsync for download. The CBL Index is a reasonably good tool for getting estimates of subnet "outgoing spam reputation". It should be treated with caution - subn ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security Procedures
A computer is a machine that can be programmed to carry out sequences of arithmetic or logical operations ( computation) automatically. Modern digital electronic computers can perform generic sets of operations known as programs. These programs enable computers to perform a wide range of tasks. A computer system is a nominally complete computer that includes the hardware, operating system (main software), and peripheral equipment needed and used for full operation. This term may also refer to a group of computers that are linked and function together, such as a computer network or computer cluster. A broad range of industrial and consumer products use computers as control systems. Simple special-purpose devices like microwave ovens and remote controls are included, as are factory devices like industrial robots and computer-aided design, as well as general-purpose devices like personal computers and mobile devices like smartphones. Computers power the Internet, which l ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
