On 09/10/06, Marc Samendinger <marc.samendinger_at_sp-online.de> wrote:
> They have/had the same problem you are raising, gaining a list of
> urls to crawl. One of their idea was to set up a wiki with urls where
> malware was found. But I have no idea how far they have come with
> setting up a wiki like this.
There should be plenty of these in spam.
Someone suggested setting up a secondary MX - spammers tend to prefer
secondaries as they often have no or limited filtering.
You could also set up a spam honeypot (
http://en.wikipedia.org/wiki/Honeypot_%28computing%29#Spam_honeypots )
like Jackpot and use the results from there.
I seem to remember Messenger spam containing lots of dodgy links, look
for UDP packets going to ports 1025-1030 or so.
cheers,
Jamie
--
Jamie Riden, CISSP / jamesr_at_europe.com / jamie.riden_at_gmail.com
NZ Honeynet project - http://www.nz-honeynet.org/
Received on Oct 09 2006
Intro
