Commtouch is hoping that its new e-mail filtering service will take a chain saw to messages sent from zombie hosts.
Commtouch, an Israeli security firm that specializes in protecting e-mail integrity, unveiled its GlobalView Mail Reputation Service last week with the goal of quickly identifying messages that are sent out
from infected computers that make up botnet swarms.
Herson, who says that her company analyzes “about a billion messages a day,” explains that the system looks for IP addresses
from which particularly large amounts of mail have been sent and identifies whether or not they're being used to send out spam.
If a certain IP address is identified as the home of a spamming computer, then the system uses a technique known as throttling
that places a cap on how many messages from that address the system will accept. This way, someone who is unwittingly
using a zombie computer for legitimate purposes may send out a limited number of messages and not be blocked by the system.
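A minimal sketch of the flag-then-throttle idea described above, added here as an illustration and not Commtouch's implementation. The thresholds, the `SenderThrottle` and `replay` names, and the assumption that a content filter supplies the per-message `is_spam` verdict are all hypothetical.

```python
from collections import defaultdict, deque

# All thresholds are assumed values for illustration, not Commtouch's.
WINDOW_SECONDS = 900        # sliding observation window
VOLUME_THRESHOLD = 100      # attempts per window before an IP is examined
SPAM_RATIO_THRESHOLD = 0.8  # spam fraction that flags a high-volume IP
THROTTLE_CAP = 5            # messages per window still accepted once flagged


class SenderThrottle:
    """Tracks per-IP volume and caps acceptance from flagged IPs."""

    def __init__(self):
        self.seen = defaultdict(deque)      # ip -> (timestamp, is_spam)
        self.accepted = defaultdict(deque)  # ip -> timestamps of accepted mail

    def _expire(self, ip, now):
        # Drop events that have fallen out of the sliding window.
        cutoff = now - WINDOW_SECONDS
        while self.seen[ip] and self.seen[ip][0][0] <= cutoff:
            self.seen[ip].popleft()
        while self.accepted[ip] and self.accepted[ip][0] <= cutoff:
            self.accepted[ip].popleft()

    def is_flagged(self, ip, now):
        # High volume alone is not enough; most of it must also be spam.
        self._expire(ip, now)
        events = self.seen[ip]
        if len(events) < VOLUME_THRESHOLD:
            return False
        spam = sum(1 for _, is_spam in events if is_spam)
        return spam / len(events) >= SPAM_RATIO_THRESHOLD

    def handle(self, ip, is_spam, now):
        """Record one delivery attempt; return 'accept' or 'defer'."""
        self._expire(ip, now)
        self.seen[ip].append((now, is_spam))
        if self.is_flagged(ip, now) and len(self.accepted[ip]) >= THROTTLE_CAP:
            return "defer"  # e.g. answered with a temporary SMTP failure
        self.accepted[ip].append(now)
        return "accept"


def replay(throttle, ip, is_spam, count, start=0):
    """Feed constructed traffic, one attempt per second; return (accepted, deferred)."""
    verdicts = [throttle.handle(ip, is_spam, start + i) for i in range(count)]
    return verdicts.count("accept"), verdicts.count("defer")
```

A flagged address is deferred rather than blocked outright, so once its earlier acceptances age out of the window it can again deliver up to the cap, which matches the limited allowance the article describes.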
“Our tracking process is a real-time process,” says Herson. “Commtouch is constantly gathering information and analyzing it.
We've found that typically within 15 minutes we can identify most of the IP addresses involved in a spam or malware outbreak.”
Zombie networks have become the weapon of choice for spammers in recent years, and Commtouch estimates that 85% of spam worldwide
is sent from infected botnet computers. A recent survey of ISPs conducted by Arbor Networks found that ISPs see botnets, networks of bots that usually reside within
unwitting zombie computers and are used to carry out distributed DoS attacks, as the most significant threat. In addition to sending spam, botnets can be used
to deploy powerful large-scale distributed DoS attacks that can reach rates of over 20Gbps.
“The tremendous increase in the volume of spam and e-mail-borne threats over the past 12 months has made it necessary to find
new methods for intercepting unwanted mail at the network entrance,” says Michael Osterman, principal of Osterman Research,
who adds that Commtouch's new service “provides effective real-time ranking for every sender trying to send e-mail to an organization,
significantly reducing the mass of mail that would otherwise come into the network.” Commtouch says that implementing its
service will not only provide increased e-mail security but also will reduce IT expenditures by lowering the amount of bandwidth
spent on receiving spam.