On Thu, 7 Jun 2007, Iljitsch van Beijnum wrote:
Its more than null routes, but not much more. The router does a re-route
on a list of network/IP address, and then for the protocols the redirector
box understands (i.e. pretty much only HTTP) it matches part of the
application/URL pattern.
That's a cool way to implement monitoring of traffic towards random parts of
the internet.
There are much easier, cheaper ways to do that.
And as another person pointed out, the IWF method is not very
surreptitious so the bad guys can tell someone found them and
can improve their methods.
And did I mention the false positive problem of click-fraud and
embedded IMG URLs accessing those sites too. Yes, your computer
may have been recorded accessing a bad site when you read a
spam mail.