DOCSLIB.ORG

Cisco Content Security Technology Overview and Update

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Cisco Content Security Technology Overview And Update Hrvoje Dogan Security Solutions Architect, SBG [email protected] C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 • Email Security Evolution • Inbound Protection Features • Outbound Control Features Agenda • Web Security Trends • Web Security Appliance and Update • Cloud Web Security and Update C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2 Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document. C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 Email Threat Landscape Evolution: Inbound HIGH VOLUME LOW VOLUME ? LOW $ VALUE HIGH $ VALUE Past Today Tomorrow ??? Targeted Attacks Virus Outbreaks Blended Phishing Threats Targeted Spam Phishing Network Evasions Inbound Threats Inbound Polymorphic Code Botnets Advanced Conficker Persistent Threats Covert, Sponsored Image Targeted Attacks Code Red Spam Slammer Stuxnet Custom URL Attachment-based Worms C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 Email Threat Landscape Evolution: Outbound LOW VOLUME HIGH VOLUME ? LOW $ IMPACT HIGH $ IMPACT Past Today Tomorrow Changing legislation Intellectual property European Union laws Customer asset loss Trade secrets Data breaches State laws Federal laws Outbound Compliance Corporate espionage Province laws Legal documents HIPAA State regulations Credit card numbers PCI Product-planning documents 4 Brand Social security numbers Access email only By 2015, access Access email from behind from over 7B Usage anywhere, anytime corporate firewall mobile devices C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Global Spam Volume Trend Tripled since January Highest level since 2010 Anti-spam industry problem Cisco maintains efficacy leadership Source: http://www.opus1.com/www/whitepapers/antispamresults2013.pdf Volume UP = Count of Spam UP Source: http://www.spamcop.net/spamgraph.shtml?spamyear Source: http://cbl.abuseat.org/totalflow.html C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 Jan 2013 – Apr 2014 C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Missed Spam Analysis Offer spam (Micro-category) = Sell goods or services. Categories of Missed Spam (customer submissions since Jan/14) Diplomas Mkt Svcs Casino Majority of Offer spam uses Snowshoe techniques Seminar Link Insurance Malware Dating Porn Luxury Snowshoe spam – technique used by spammers to Drug Loan Stocks Lottery cover their tracks, go under the radar. Its objective is Job to defeat traditional Anti-Spam techniques. Scam short campaigns – morphs fast – constantly changing Phish Anti-Sender Reputation Anti-Content Analysis • Never use the same IP to send • Never use the same series of more than x amount of spam in words more than y period of time. • Never reuse the same images • Never send the same spam • Never use the same URL Offer from the same IP. Not “new” techniques, however, usage has increased Fine line to balance catch rate and false positive C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 Opus One Report April 2014 Cisco’sThis graphic email securitywas published solution by demonstrated Opus One in thetheir highest2014 “COMPARING spam capture INDUSTRY-LEADINGrate and the most accurate rate of detection. The results are remarkable given the tradeoffANTI-SPAM between SERVICES” spam capture and false positive rates.All of theFor anti-spam example, solutions a vendor in Gartner’s can catchJuly 2013 100% “Leaders” of spamand “Challengers” if they block Magic every Quadrant message categories but were then tested. the falseIn total, eight vendors were evaluated over the course of a year. positiveThe only ratevendor would mentioned also by be name 100%, is Cisco which (Cisco’s is obviously Email unacceptable.Security Appliance was previously called “Ironport” but Cisco is Ciscophasing consistently out the IronPort outperformed brand name). The the remaining other vendors, vendor names have been obfuscated. with the highest spam capture rate in eight of the twelveTo ensure months consistency measured. and reliability, When Opus another One operated vendor within had the following parameters during the 12-month long analysis from a Januarybetter 2013anti-spam to December catch 2013. rate than Cisco, it came at the cost of a significantly higher false positive rate: from 16 to 40 times worse. Opus One Joel Snyder, April 2014 C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 There is no Silver Bullet Attack Continuum BEFORE DURING AFTER Control Detect Scope Enforce Block Contain Harden Defend Remediate Gaps in protection Point-in-time Malware prevention as new attack defenses can be is not 100% vectors emerge evaded C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Cisco Email Security Threat Defense Complete Inbound Protection SenderBase Reputation Filtering Drop Anti-Spam Drop/Quarantine Cisco® SIO Anti-Virus Drop/Quarantine Advanced Malware Protection AMP Drop/Quarantine Outbreak Filters Quarantine/Re-write Real-time URL Analysis cws Re-write Deliver Quarantine Drop URLs C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again. Cisco SenderBase: Email Reputation Database Threat Intelligence Spam Traps Complaint IP Blacklists • Over 1.6M global devices Reports and Whitelists • Historical library of 40,000 threats • 35% of global email traffic seen per day • 13B+ Worldwide web requests seen per day • 200+ parameters tracked Message Compromised Website • Multi-vector visibility Composition Host Lists Composition Data Data Benefits • 360 degree dynamic threat visibility Global Volume Domain Other Data • Understanding of vulnerabilities and Data Blacklist and exploit technologies Safelists • Visibility into highest threat vehicles • Latest attack trends and techniques IP Reputation Score C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. -10 0 +10 Cisco Confidential 12 DKIM and SPF DNS Email Authentication Your Company Trusted_Partner.com Verified SIGNEDü Cisco ESA Imposter Trusted_Partner.com Drop/Quarantine • Block phishing and spoofing attacks • Apply more liberal policies to AUTHENTICATED external sources C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13 DMARC DNS Standardizing Email Authentication DMARC p=reject Trusted_Partner.com Verified SIGNEDü Report Cisco ESA Imposter Drop/Quarantine Trusted_Partner.com • Reduce the exposure of your users to phishing • Tie DKIM and SPF together and address their shortcomings • Identifies actions to take if message authentication fails for sender’s domains • Allows for sending of aggregate reports back to sending domain to inform of message disposition C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14 URL Defense Integrated email and web security Rewrite Email Contains URL Send to Cloud BLOCKEDwww.playboy.comBLOCKED Defang BLOCKEDwww.proxy.orgBLOCKED Cisco SIO Replace “This URL is blocked by policy” URL Categorization C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 Cisco Zero-Hour Malware Protection Advanced Malware Protection Reputation SourceFire AMP update integration File File Reputation Sandboxing Known File Unknown files are Reputation uploaded for sandboxing Advanced Malware Protection Outbreak Filters Cloud Powered Zero-Hour Telemetry Based Zero-Hour Malware Detection Virus and Malware Detection C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16 Key Features of AMP • Blocks files known to be malicious File Reputation • Reputation verdicts delivered by AMP cloud intelligence network • Behavioral analysis of unknown files File Sandboxing • Looks for suspicious behavior • Feeds intelligence back to AMP cloud • Continuous analysis of files that have traversed the gateway File Retrospection • Retrospective alerting after an attack when file is determined to be malicious C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 Layered Protection across the Attack Continuum Reputation Filtering Block BEFORE Cisco® SIO URL Filtering Block Signature, AV, Spam scanning Block DURING File Reputation Block SourceFire AMP Cloud File Behavior Block AFTER File Retrospection Alert C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18 Cisco Email Security Provides Strong Outbound Control Rate Limiting Encrypt AS/AV Checks Compliance/ DKIM/SPF Outbound DLP Sensitive Data Sender Recipient C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19 Rate Limiting Outbound Rate Limit Per Mail
Recommended publications
  • Busting Blocks: Revisiting 47 U.S.C. §230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters

    Busting Blocks: Revisiting 47 U.S.C. §230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters

    Digital Commons @ Touro Law Center Scholarly Works Faculty Scholarship 2011 Busting Blocks: Revisiting 47 U.S.C. §230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters Jonathan I. Ezor Touro Law Center, [email protected] Follow this and additional works at: https://digitalcommons.tourolaw.edu/scholarlyworks Part of the Commercial Law Commons, Communications Law Commons, and the Science and Technology Law Commons Recommended Citation Jonathan I. Ezor, Busting Blocks: Revisiting 47 U.S.C. § 230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters, XVII Rich. J.L. & Tech. 7 (2011), http://jolt.richmond.edu/ v17i2/article7.pdf. This Article is brought to you for free and open access by the Faculty Scholarship at Digital Commons @ Touro Law Center. It has been accepted for inclusion in Scholarly Works by an authorized administrator of Digital Commons @ Touro Law Center. For more information, please contact [email protected]. Richmond Journal of Law and Technology Vol. XVII, Issue 2 BUSTING BLOCKS: REVISITING 47 U.S.C. § 230 TO ADDRESS THE LACK OF EFFECTIVE LEGAL RECOURSE FOR WRONGFUL INCLUSION IN SPAM FILTERS By Jonathan I. Ezor∗ Cite as: Jonathan I. Ezor, Busting Blocks: Revisiting 47 U.S.C. § 230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters, XVII Rich. J.L. & Tech. 7 (2011), http://jolt.richmond.edu/v17i2/article7.pdf. I. INTRODUCTION: E-MAIL, BLOCK LISTS, AND THE LAW [1] Consider a company that uses e-mail to conduct a majority of its business, including customer and vendor communication, marketing, and filing official documents.
  • Characterizing Spam Traffic and Spammers

    Characterizing Spam Traffic and Spammers

    2007 International Conference on Convergence Information Technology Characterizing Spam traffic and Spammers Cynthia Dhinakaran and Jae Kwang Lee , Department of Computer Engineering Hannam University, South Korea Dhinaharan Nagamalai Wireilla Net Solutions Inc, Chennai, India, Abstract upraise of Asian power houses like China and India, the number of email users have increased tremendously There is a tremendous increase in spam traffic [15]. These days spam has become a serious problem these days [2]. Spam messages muddle up users inbox, to the Internet Community [8]. Spam is defined as consume network resources, and build up DDoS unsolicited, unwanted mail that endangers the very attacks, spread worms and viruses. Our goal is to existence of the e-mail system with massive and present a definite figure about the characteristics of uncontrollable amounts of message [4]. Spam brings spam and spammers. Since spammers change their worms, viruses and unwanted data to the user’s mode of operation to counter anti spam technology, mailbox. Spammers are different from hackers. continues evaluation of the characteristics of spam and Spammers are well organized business people or spammers technology has become mandatory. These organizations that want to make money. DDoS attacks, evaluations help us to enhance the existing technology spy ware installations, worms are not negligible to combat spam effectively. We collected 400 thousand portion of spam traffic. According to research [5] most spam mails from a spam trap set up in a corporate spam originates from USA, South Korea, and China mail server for a period of 14 months form January respectively. Nearly 80% of all spam are received from 2006 to February 2007.
  • Index Images Download 2006 News Crack Serial Warez Full 12 Contact

    Index Images Download 2006 News Crack Serial Warez Full 12 Contact

    index images download 2006 news crack serial warez full 12 contact about search spacer privacy 11 logo blog new 10 cgi-bin faq rss home img default 2005 products sitemap archives 1 09 links 01 08 06 2 07 login articles support 05 keygen article 04 03 help events archive 02 register en forum software downloads 3 security 13 category 4 content 14 main 15 press media templates services icons resources info profile 16 2004 18 docs contactus files features html 20 21 5 22 page 6 misc 19 partners 24 terms 2007 23 17 i 27 top 26 9 legal 30 banners xml 29 28 7 tools projects 25 0 user feed themes linux forums jobs business 8 video email books banner reviews view graphics research feedback pdf print ads modules 2003 company blank pub games copyright common site comments people aboutus product sports logos buttons english story image uploads 31 subscribe blogs atom gallery newsletter stats careers music pages publications technology calendar stories photos papers community data history arrow submit www s web library wiki header education go internet b in advertise spam a nav mail users Images members topics disclaimer store clear feeds c awards 2002 Default general pics dir signup solutions map News public doc de weblog index2 shop contacts fr homepage travel button pixel list viewtopic documents overview tips adclick contact_us movies wp-content catalog us p staff hardware wireless global screenshots apps online version directory mobile other advertising tech welcome admin t policy faqs link 2001 training releases space member static join health
  • WHITE PAPER Email Deliverability Review

    WHITE PAPER Email Deliverability Review

    WHITE PAPER Email DELIVeraBility REView dmawe are the White Paper Email Deliverability Review Published by Deliverability Hub of the Email Marketing Council Sponsored by 1 COPYRIGHT: THE DIRECT MARKETING ASSOCIATION (UK) LTD 2012 WHITE PAPER Email DELIVeraBility REView Contents About this document ...............................................................................................................................3 About the authors ...................................................................................................................................4 Sponsor’s perspective .............................................................................................................................5 Executive summary .................................................................................................................................6 1. Major factors that impact on deliverability ..............................................................................................7 1.1 Sender reputation .............................................................................................................................7 1.2 Spam filtering ...................................................................................................................................7 1.3 Blacklist operators ............................................................................................................................8 1.4 Smart Inboxes ..................................................................................................................................9
  • Mastering Spam: a Multifaceted Approach with the Spamato Spam Filter System

    Mastering Spam: a Multifaceted Approach with the Spamato Spam Filter System

    Research Collection Doctoral Thesis Mastering Spam: A Multifaceted Approach with the Spamato Spam Filter System Author(s): Albrecht, Keno Publication Date: 2006 Permanent Link: https://doi.org/10.3929/ethz-a-005339283 Rights / License: In Copyright - Non-Commercial Use Permitted This page was generated automatically upon download from the ETH Zurich Research Collection. For more information please consult the Terms of use. ETH Library DISS. ETH NO. 16839 Mastering Spam A Multifaceted Approach with the Spamato Spam Filter System A dissertation submitted to the SWISS FEDERAL INSTITUTE OF TECHNOLOGY ZURICH for the degree of Doctor of Sciences presented by KENO ALBRECHT Dipl. Inf. born June 4, 1977 citizen of Germany accepted on the recommendation of Prof. Dr. Roger Wattenhofer, examiner Prof. Dr. Gordon V. Cormack, co-examiner Prof. Dr. Christof Fetzer, co-examiner 2006 Abstract Email is undoubtedly one of the most important applications used to com- municate over the Internet. Unfortunately, the email service lacks a crucial security mechanism: It is possible to send emails to arbitrary people with- out revealing one’s own identity. Additionally, sending millions of emails costs virtually nothing. Hence over the past years, these characteristics have facilitated and even boosted the formation of a new business branch that advertises products and services via unsolicited bulk emails, better known as spam. Nowadays, spam makes up more than 50% of all emails and thus has become a major vexation of the Internet experience. Although this problem has been dealt with for a long time, only little success (measured on a global scale) has been achieved so far.
  • 84. Blog Spam Detection Using Intelligent Bayesian Approach

    84. Blog Spam Detection Using Intelligent Bayesian Approach

    International Journal of Engineering Research and General Science Volume 2, Issue 5, August-September, 2014 ISSN 2091-2730 Blog-Spam Detection Using intelligent Bayesian Approach - Krushna Pandit, Savyasaachi Pandit Assistant Professor, GCET, VVNagar, E-mail- [email protected] , M - 9426759947 Abstract Blog-spam is one of the major problems of the Internet nowadays. Since the history of the internet the spam are considered a huge threat to the security and reliability of web content. The spam is the unsolicited messages sent for the fulfillment of the sender’s purpose and to harm the privacy of user, site owner and/or to steal available resource over the internet (may be or may not be allocated to).For dealing with spam there are so many methodologies available. Nowadays the blog spamming is a rising threat to safety, reliability, & purity of the published internet content. Since the search engines are using certain specific algorithms for creating the searching page-index/rank for the websites (i.e. google-analytics), it has attracted so many attention to spam the SMS(Social Media Sites) for gaining rank in order to increase the company’s popularity. The available solutions to malicious content detection are quite a more to be used very frequently in order to fulfill the requirement of analyzing all the web content in certain time with least possible ―false positives‖. For this purpose a site level algorithm is needed so that it can be easy, cheap & understandable (for site modifiers) to filter and monitor the content being published. Now for that we use a ―Bayes Theorem‖ of the ―Statistical approach‖.
  • Fighting Spam: Tools, Tips, and Techniques

    Fighting Spam: Tools, Tips, and Techniques

    Fighting Spam: Tools, Tips, and Techniques Brian Sebby Argonne National Laboratory [email protected] National Laboratories Information Technology Summit ‘08 May 11, 2008 1 Part I: Introduction 2 2 Argonne National Laboratory IT Environment Challenges Diverse population: – 2,500 employees – 10,000+ visitors annually – Off-site computer users – Foreign national employees, users, and collaborators Diverse funding: – Not every computer is a DOE computer. – IT is funded in many ways. Every program is working in an increasingly distributed computing model. Our goal: a consistent and comprehensively secure environment that supports the diversity of IT and requirements. Argonne is managed by the UChicago Argonne LLC for the Department of Energy. 3 3 Emphasis on the Synergies of Multi-Program Science, Engineering & Applications Accelerator Fundamental Research Physics Computational Infrastructure Science Analysis Materials Characterization Catalysis Science Transportation Science User Facilities Nuclear Fuel Cycle Structural .. and much more. Biology 4 4 My Background I joined Argonne in 2000. In 2002, Argonne moved to a mail gateway setup with SpamAssassin. I took over the gateway in 2003. 2004: First appliance evaluation 2005: Greylisting added to our gateway 2006: SURBL, SARE rules added to SpamAssassin 2006: SPF enabled, disabled 2007: Second appliance evaluation, moved gateway services to appliance Today: Manage our appliances, and internal mail servers running Postfix 5 5 Argonne’s Typical Mail Flows On an average day, the primary inbound mail gateway at Argonne receives: – ~ 250,000 messages – ~ 200,000 (80%) are stopped by our appliance’s Reputation Filters – ~ 3,000 (1.2%) are stopped as invalid addresses – ~ 10,000 (4%) are flagged as spam – ~ 37,000 (15%) are clean messages Our backup inbound mail gateway receives: – ~ 110,000 messages – ~ 108,000 (98%) are stopped by our appliance’s Reputation Filters – ~ 200 (0%) are stopped as invalid addresses – ~ 1,500 (2%) are flagged as spam – ~ 500 (0%) are clean messages 6 6 This Talk is… NOT a tutorial.
  • Draft NIST Special Publication 800-177, Trustworthy Email

    Draft NIST Special Publication 800-177, Trustworthy Email

    This (First) DRAFT of Special Publication 800-177 document has been superceded by the following draft publication: The first draft has been attached for HISTORICAL PURPOSE – PLEASE refer to the Second Draft (see details below): Publication Number: Second Draft Special Publication 800-177 Title: Trustworthy Email Publication Date: March 2016 Second Draft Publication: http://csrc.nist.gov/publications/PubsDrafts.html#800-177 Information on other publications: http://csrc.nist.gov/publications/ The following information was posted with the attached DRAFT document: NIST requests comments on the second draft of Special Publication (SP) 800-177, Trustworthy Email. This draft is a complimentary guide to NIST SP 800-45 Guidelines on Electronic Mail Security and covers protocol security technologies to secure email transactions. This draft guide includes recommendations for the deployment of domain-based authentication protocols for email as well as end-to-end cryptographic protection for email contents. Technologies recommended in support of core Simple Mail Transfer Protocol (SMTP) and the Domain Name System (DNS) include mechanisms for authenticating a sending domain (Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM) and Domain based Message Authentication, Reporting and Conformance (DMARC). Email content security is facilitated through encryption and authentication of message content using S/MIME and/or Transport Layer Security (TLS) with SMTP. This guide is written for the federal agency email administrator, information
  • Email Deliverability: the Ultimate Guide

    Email Deliverability: the Ultimate Guide

    1 Email Deliverability: the Ultimate Guide Why does email deliverability matter? According to the "2015 Email Data Quality Trends Report" by Experian, a majority (73%) of companies experienced email deliverability issues in the past 12 months. Return Path has reported that over 20% of legitimate email are missing. Undoubtedly, marketers have problems with deliverability, and that negatively affects their business. "The most common consequences of poor email deliverability are the inability to communicate with subscribers (41%), poor customer service (24%), unnecessary costs (22%), and lost revenue (15%)" - the Experian's "2015 Email Data Quality Trends Report." How to deliver emails to the recipient's Inbox? This simplest question might have the most complicated answer. As an email marketer, you have to make people engage with your emails in a positive way: open, click, forward or reply. Recipient engagement is a powerful factor that mailbox providers rely on when filtering inbound messages. Keeping recipients engaged is not just about sending beautiful, optimized emails. It's also about positioning yourself as a reputable sender, avoiding spam filters and getting to the user's Inbox. That's where email deliverability comes in. 2 In this article, we'll touch the most important factors that determine email deliverability and should be on the mind of every marketer: 1. Permission-Based Marketing: - Single Opt-In vs. Confirmed Opt-In - Pre-checked Boxes or Passive Opt-in - Subscriber's Expectations 2. Sender Reputation: - Branding - Spam Traps - Bounces and Complaints - Monitoring Tools 3. Sending Infrastructure: - Shared IP vs. Dedicated IP - Blacklists - Email Authentication - Feedback Loops 3 1.
  • QUICK LOOK • Blacklists, Also Called 'Blocklists', Are Lists of Mail Servers Or Domains That Have Been Identified by a Blacklist Provider As Being a Source of Spam

    QUICK LOOK • Blacklists, Also Called 'Blocklists', Are Lists of Mail Servers Or Domains That Have Been Identified by a Blacklist Provider As Being a Source of Spam

    QUICK LOOK • Blacklists, also called 'blocklists', are lists of mail servers or domains that have been identified by a blacklist provider as being a source of spam. • There are dozens of blacklists across the Internet; however, only a handful are considered reliable enough for widespread usage. • The criteria for appearing on blacklists are different for each list, and may be factbased or completely arbitrary, making it sometimes challenging to get removed from blacklists. • Given the unique nature of each blacklist, appearance on a blacklist may or may not present meaningful deliverability challenges. OVERVIEW A blacklist is a list of mail servers (or domains) that have been identified by an individual or group as senders of spam. Some lists are compiled automatically, while others are manually compiled by individuals. Blacklist services range from respected and formalized groups to one-man operations, sometimes self-appointed vigilantes of the email world. Both methods can be extremely arbitrary and often result in "false positives" (e.g. email desired by the recipient that does not get delivered due to filtering or blocking). There is no single reason a sender may get listed on a blacklist. In general, blacklisting services target companies perceived to be sending spam. Typically, this is because the group or individual maintaining the blacklist has received unsolicited email from the listed server. Some public groups, such as SpamCop, base their listings on the number of complaints issued from consumers. Even one complaint can cause a block to be issued. There also is no one single source for blacklists, making it difficult if not impossible to identify every blacklist currently active.

  • Transcript Day2.Pdf (2.96

    OFFICIAL TRANSCRIPT PROCEEDING FEDERAL TRADE COMMISSION MATTER NO. P024407 TITLE SPAM PROJECT PLACE FEDERAL TRADE COMMISSION 600 PENNSYLVANIA AVENUE, N.W. WASHINGTON, D.C. 20580 DATE MAY 1, 2003 PAGES 1 THROUGH 324 FTC SPAM FORUM -- DAY TWO SECOND VERSION FOR THE RECORD, INC. 603 POST OFFICE ROAD, SUITE 309 WALDORF, MARYLAND 20602 (301)870-8025 1 1 FEDERAL TRADE COMMISSION 2 I N D E X 3 4 Economics of Spam Page 5 5 Blacklists Page 111 6 Best Practices Page 183 7 Wireless Spam Page 257 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 For The Record, Inc. Waldorf, Maryland (301)870-8025 2 1 P R O C E E D I N G S 2 - - - - - 3 MR. HUSEMAN: We want to go ahead and get 4 started this morning. Thank you all for arriving back 5 for day two. 6 Before we begin, I just want to make a few 7 housekeeping announcements. Remember, if you have a cell 8 phone or other device that beeps, make sure to turn it 9 off, please. 10 Remember that the exits are directly behind you 11 and then out towards the front where you came in. 12 Again, we would like to thank the companies who 13 have provided us refreshments this morning. Those 14 include AOL, AT&T Wireless, EarthLink, ePrivacy Group, 15 Microsoft, SpamCon Foundation, Words to the Wise and 16 Yahoo!. 17 Before we begin day two, I would like to 18 introduce Commissioner Mozelle Thompson, who will start 19 off the day by giving us introductory remarks.
  • Information Security

    Information Security

    A SA Research Information Security J. Carlton Collins ASA Research - Atlanta, Georgia 770.734.0950 [email protected] Information Security Table of Contents Chapter Chapter Title & Page Count Page Number 1 Locks ‐ (2 Pages) 6 2 Government Compliance ‐ (3 Pages) 8 3 Securing Hard Drives and Laptop Computers ‐ (16 Pages) 11 4 Encryption ‐ (12 Pages) 27 5 Strong Passwords ‐ (7 Pages) 39 6 Windows ‐ Files and Folders ‐ (8 Pages) 46 7 System Restore ‐ (3 Pages) 54 8 Firewalls ‐ (7 Pages) 57 9 Wireless Security ‐ (8 Pages) 64 10 Checking the Security of your PC ‐ (4 Pages) 72 11 Online Security Tests ‐ (3 Pages) 76 12 Windows ‐ User Accounts & Groups ‐ (6 Pages) 79 13 Windows ‐ Screen Savers ‐ (4 Pages) 85 14 Pornography ‐ (4 Pages) 89 15 Sample Contracts ‐ (9 Pages) 93 16 Computer Bread Crumbs ‐ (6 Pages) 102 17 Computer Disposal ‐ (5 Pages) 108 18 Backup Strategy ‐ (14 Pages) 113 19 Viruses ‐ (6 Pages) 127 20 Phishing ‐ (7 Pages) 133 21 Spy Stuff ‐ (14 Pages) 140 22 Privacy Test ‐ (6 Pages) 154 23 Fake IDs ‐ (7 Pages) 160 24 National ID Cards ‐ (4 Pages) 167 25 Fake Social Security Cards ‐ (5 Pages) 171 26 Identity Theft ‐ (14 Pages) 176 27 Employee Theft ‐ (6 Pages) 190 28 Background Checks ‐ (5 Pages) 196 29 Bonding Employees ‐ (3 Pages) 201 30 Asterisk Key ‐ (2 Pages) 204 31 Encryption Analyzer & Passware ‐ (3 Pages) 206 32 Securing Desktop Computers ‐ (3 Pages) 209 33 Windows ‐ Windows Services ‐ (6 Pages) 212 34 Risk of Fire ‐ (3 Pages) 218 35 Credit Card Fraud ‐ (11 Pages) 221 36 Counterfeit Money ‐ (9 Pages) 232 37 Cracking and