North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: drone armies C&C report - July/2005

  • From: Paul Vixie
  • Date: Mon Aug 15 23:26:04 2005

> > Going further I think IL-CERT is doing a great service to the Internet
> > community. Their alerts allow to responsible network admins to
> > investigate and to preserve their networks clean of debris like spyware
> > and trojans.
> 
> The point is that aged data is an eternity when you're talking about
> botnets, worms, zombies, c/c's, etc which is what made me wonder why it
> was being posted in the first step. A month is a long time in botland.

while i'm not the one posting it, i do see these summaries and i also see
much of the raw data that's being summarized, in real time, as it's found
and shared.  AS owners/operators who want to get the data in real time have
already been told to send <[email protected]> some e-mail asking for it.  the
summaries are primarily useful for C&C's that are still alive a month later
even though plenty of notices have been sent to the relevant NOC's.  in
other words it's sort of like defcon's "wall of sheep".  i like the approach.
-- 
Paul Vixie