Killing Spam Zombies Made Easy
This document is intended to help people with relatively little networking experience determine whether they have a spam zombie problem, and to provide some basic strategies for dealing with it. The audience includes beginning system administrators responsible for networks of up to 50 users, and home users who are concerned their system may have been taken over.
It is not intended as a comprehensive guide to network security or intrusion detection. SpamButcher does not claim that the methods listed here will necessarily identify all zombies or other security threats. If you have concerns about your network's security, seek the guidance of an IT professional.
At any point in time there are millions of hacked computers sending massive amounts of junk email throughout the world without their owners' knowledge or consent.
If you're a victim, your systems may operate slower and your network may be clogged with unidentifiable traffic. Your service provider may even shut off your connectivity, or you could end up on an anti-spam blacklist. In the latter case, various anti-spam filters may reject your email.
These compromised systems are known as spam zombies. By utilizing zombies, spammers can send ever-increasing amounts of junk email and circumvent many network-based spam control technologies. Zombie systems may also be used for other nefarious activities such as denial of service attacks.
This document is intended to help people responsible for small networks identify and eliminate spam zombie systems. The techniques described may also be useful in hunting down other kinds of zombies and suspicious network activity.
This article is geared towards the simplest, easiest-to-understand approaches to the problem, as opposed to the most efficient or comprehensive. Experienced system administrators will probably have more advanced tools available and should use them.
Plan of action:
1. Detecting unexplained network traffic
2. Identifying suspect systems
3. Capturing and evaluating network traffic
4. Killing the zombie
5. Decreasing the risk of future infections