North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Block all servers?
Terry Baranski wrote: That being said, NAT does break stuff and as has been mentioned,I would expect most new sophisticated trojans to include this functionality. Most home users run their WinXP with "Local Administrator" rights anyway because othervise many activities would be more complicated to accomplish. Many turn off AV products already. I would also expect the sophisticated trojans to include NATPT like funcitionality when it becomes neccessary to accumulate the needed number of zombies for effective DDoS and other distruptive activities. We already see them utilizing the local SMTP configuration on the machine to use the relays the user is supposed to. The Road Ahead is to make DDoS and abuse mitigation more efficient and put some real security into the application architechtures without making them unusable. Pete Pete
|