Fighting Spam Proxies in a University Environment

Spam is a huge annoyance for everyone. Fighting spam is difficult enough, but when spammers team up with hackers to produce ultra-sneaky Trojan horses that turn end-user computers into one stop proxies that allow spammers and hackers to hide their digital tracks, they've gone too far. This case study documents steps that one University has taken to shut down these proxies before they are used for serious evil. This University used intrusion detection system (IDS) signatures to look for incoming proxy connections which were logged so that the computers involved could be investigated for open proxies. Due to the lack of control over student and other non-University owned machines, this University adopted a user education approach to try to limit the spread of these proxies and the use of IDS as well as restricting network access to discover and mitigate proxies as they turned up.