North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Destructive botnet originating from California (was Japan)
I would have sent out a clean list sorted via AS and IP, except I have been working from vacation on GPRS via my 1 bar of service on my cell phone. Cleaning up lists is rather painful for me in that situation. I'm pretty sure Rob Thomas cleaned up the list and added it to Team Cymru's stuff.
As a side note, I did apply to nsp-sec a while back and I was told to do something like download SNORT or join a snort discussion list. I though that was pretty telling, I run into a lot of information daily and this was messy enough for me to post to NANOG about it. I was just trying to the the right thing.
If the right thing is to post this information to a more private list, then I would do so. However, I think it has been benificial to get this information out to the public where they can actually do something about it. I've been getting emails from a lot of people thanking for the posts because they were able to identify a lot of messy traffic on their network and put an end to it. Posting information like this to a private list may not have accomplished much. I think the data should most certainly go on the Team Cymru list, but why not to a large public form putting in the faces of the people that are responsible?
This should be another thread completely, but I am wondering about the liability of the individual's who have owned machines that are attacking me/my clients. I'm not a lawyer but I would assume that tort liability law could apply and find someone liable for allowing their machine to DDoS people. There is no precedence for this, but maybe a few law suits could set one? I'm not saying I (Prolexic) would do this, but if someone sued the owners of the machines in civil court and won, maybe that would put a hell of a lot more pressure on people that run a dirty network or machine. It may place responsibility on some of these people that say, "we don't care what our users do". Have bots? Go to court... I'm really interested on comments on this, has anyone tried?
On Dec 25, 2005, at 2:36 PM, Jon Lewis wrote:
On Sun, 25 Dec 2005, Rubens Kuhl Jr. wrote:https://puck.nether.net/mailman/listinfo/nsp-securityThe first rule of nsp-sec is, you do not talk about nsp-sec The second rule of nsp-sec is, you DO NOT talk about nsp-sec