North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Are botnets relevant to NANOG?
Sean Donelan wrote: On Fri, 26 May 2006, John Kristoff wrote:What I'd be curious to know in the numbers being thrown around if there has been any accounting of transient address usage. Since I'm spendingI worked with Adlex to update their software to identify and track dynamic addresses associated with subscriber RADIUS information. At the time, Adlex (now CompuWare) was the only off-the-shelf software that matched unique subscriber RADIUS instead of just IP address. It is behavior based, so not absolutely 100% accurate, but it is useful for long term trending "bot-like" unique subscribers instead of dynamic IP addresses. I presented some public numbers at an NSP-SEC BOF. There is a large difference between the number of unique subscribers versus the number of dynamic IP addresses detected by various public detectors. http://www.compuware.com/products/vantage/4920_ENG_HTML.htm Just an afterthought, traceroute and take the final router. I guess for aDSL home users you will find some 8 or 11 routers in germany. My final router never changes. Of course there can hide more than one bad guy behind that router. Kind regards Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: [email protected] mail: [email protected] http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/
|