Consultancy banishes botnet with appliance

Tuesday, 17 February, 2009

A botnet infection has led The Leading Edge, a consultancy firm, to deploy a messaging security gateway appliance with spam protection and antivirus. In doing so, the company improved the availability of its business-critical email systems.

The consultancy, which employs more than 100 staff throughout Sydney, Melbourne and overseas, decided to look around for a new system following a botnet infection that left the company with only intermittent email access for two days, following a Christmas break.

The company’s IT staff returned to work following the break to find that the company had become a major source of spam emails. The company’s email gateway was being used as an email relay forwarding tens of thousands of spam emails purporting to be from a Spanish bank. The traffic was enough to completely swamp and take down the company’s internet link.

“We were lucky. It happened on the best possible day. It was the first day back after Christmas and only 10% of the staff were back at work,” says Tom Lineen, Sydney-based IT manager for The Leading Edge.

Upon discovering the problem, the IT staff immediately took down the company’s email server and re-established its internet connection. But their initial efforts to eradicate the infection proved frustrating.

Each time they thought they had fixed the problem and restarted the email server, the infection would re-appear in a different form and start sending out spam emails again. Staff would have the opportunity to send and receive emails for a short period before the email server had to be taken down again.

To resolve the problem, the staff realised they would first have to stop the outgoing spam. Only then would IT staff have the time to eradicate the botnet infection completely.

The Leading Edge ultimately decided to install a Proofpoint email security solution. The appliance stopped the outgoing spam, allowing the company to restore its email systems. The company’s IT staff then set about eradicating the botnet infection and, when that was done, getting The Leading Edge removed from a number of spam blacklist services that were still stopping some outgoing emails from being delivered.

“We rely on email for all aspects of our work, from selling our services and setting up contracts to client communications,” says Lineen. “When email is down, people are very unhappy. We work on highly critical timeframes for some of our projects. If the email system hadn’t come back we could have lost business.”

Related Products

D-Link PowerLine pass-through powerline

The D-Link PowerLine AV2 2000 gigabit pass-through powerline starter kit includes two...

Trend Micro Incorporated XGen endpoint security

The Trend Micro Incorporated XGen endpoint security identifies benign data and known threats. It...

Kingston IronKey D300 managed encrypted USB flash drive

The Kingston IronKey D300 managed encrypted USB flash drive deploys an advanced level of encryption.

  • All content Copyright © 2022 Westwick-Farrow Pty Ltd