turnersloane
Verified User
- Joined
- Sep 27, 2006
- Messages
- 52
Greetings all,
In the past few weeks, we've seen a mass increase in UCE coming from dedicated servers from various data centers in the US. I personally keep a close eye on where UCE originates, and in the past it seems most UCE came from DSL/cable modem users. But not now.
Many of the IP's I check are either Ensim or Plesk boxes fresh on the network. Any ideas as to what may be happening - as in, could it be these boxes are becoming part of a bot-net seconds after being fired up?
We'll see 3-4 UCE's in a row originating from one IP, then nothing more from that IP for days, if ever (we keep track of the IP's in a database). Then more UCE from a different IP. But the main issue seems not to be the UCE itself, but its origin. Quite a bit actually comes from EV1 servers.
Comments, suggestions?
Sloane
In the past few weeks, we've seen a mass increase in UCE coming from dedicated servers from various data centers in the US. I personally keep a close eye on where UCE originates, and in the past it seems most UCE came from DSL/cable modem users. But not now.
Many of the IP's I check are either Ensim or Plesk boxes fresh on the network. Any ideas as to what may be happening - as in, could it be these boxes are becoming part of a bot-net seconds after being fired up?
We'll see 3-4 UCE's in a row originating from one IP, then nothing more from that IP for days, if ever (we keep track of the IP's in a database). Then more UCE from a different IP. But the main issue seems not to be the UCE itself, but its origin. Quite a bit actually comes from EV1 servers.
Comments, suggestions?
Sloane