BSDCan2007 - Confirmed Schedule
BSDCan 2007
The Technical BSD Conference
Speakers |
---|
Peter Hansteen |

Schedule | |
---|---|
Day | 3 |
Room | SITE H0104 |
Start time | 15:00 |
Duration | 01:00 |

Info | |
---|---|
ID | 13 |
Event type | Lecture |
Track | System Administration |
Language | English |

The silent network
Denying the spam and malware chatter using free tools
Though the first Internet worm in 1988 was Unix software, malicious software today is primarily a Windows problem. In the free Unix environments, a number of techniques and tools are available to stop unsolicited email and malware before they reach the end user. This presentation deals with the principles and practice of keeping the peace on your network through intelligent use of free tools which are available on your favorite BSD.
Preliminary Table of Contents:

Topic | Description |
---|---|
Malware, Virus, Spam | The definitions |
A history of malware | A brief historical overview |
The Morris Worm | The first Unix worm, what it did and its consequences in Internet security thinking |
Microsoft invents the internet | In the mid nineties, the writers of edlin discovered networking. We consider their discoveries and what they brought with them |
Modern malware | If they crack your system, what do they do? |
Spam | Back to the other annoyance, and why it ties in with malware |
The ugly truth | A few basics you should know about non-trivial software |
Fighting back | How OpenBSD and other freenixes go about making life unbearable for malware writers in a few (or at least logical) easy steps |
Where do we fit in? | Enough theory already, what can a Unix sysadmin *do* |
Spam: characteristics | We see patterns, note them |
Tools: content scan | Make the robots read mail, make decisions. A few pros and cons |
More of the mundane: behavioral methods | The miscreants are fun to watch, and we read their (en)trails. We look at some examples of how they've adapted and review some of the tools at our disposal |
A working model | Finally, a sample configuration. One you can build on any BSD. Integrating content filtering in your MTA's delivery chain |

Giving spammers a hard time
The final part of the presentation goes into some detail on how to use PF and its spamd companion application, progressing through the proper selection of blacklists, greylisting and greytrapping, with some examples and data on our success rate and the level of noise we are fighting. Protecting expensive proprietary appliance-style tools with free tools can sometimes be enlightening.