Re: mitigating botnet C&Cs has become useless

North American Network Operators Group

Re: mitigating botnet C&Cs has become useless

From: Danny McPherson
Date: Thu Aug 03 22:57:07 2006

On Aug 3, 2006, at 4:22 PM, Scott Weeks wrote:

But shutting them down, that's like the police arresting
all the informants.  It doesn't stop the crime, it just
eradicates all your easy leads.

What're folk's thoughts on that?


I'm not sure I'd liken shutting C&C infrastructure down to
"arresting the informants".  I think that's quite a bad analogy,
actually, as informants are [often] third parties while C&C
infrastructure is used to convey actual execution instructions
- which are very often much more than DoS, as John pointed
out.

-danny

Follow-Ups:
- Re: mitigating botnet C&Cs has become useless Barry Shein
- Re: mitigating botnet C&Cs has become useless bmanning

References:
- RE: mitigating botnet C&Cs has become useless Scott Weeks

Prev by Date: Re: mitigating botnet C&Cs has become useless
Next by Date: Re: Routing issues with cox?
Date Index
Thread Index
Author Index
Historical