North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking )
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Christopher Morrow <[email protected]> wrote: >I'd love to see CPE dsl/cable-modem providers integrate with a 'service' >that lists out 'bad' things. it'd be nice if the user could even tailor >that list (just C&C or C&C + child-porn or C&C older not than X >days/hours/minutes) ... I think it might even help, and be vendor >>agnostic (from a provide and hardware) perspective. Ironically, that is exactly part of a product announcement that we (Trend Micro) are making on 30 July. Since this topic arose, I saw Trend mentioned as a possible product "culprit" in this scenario, but it isn't. Yet. :-) The particular service to be announced on Monday (BIS, or Botnet Identification Service), is nothing more than a BGP feed of _known_ and _vetted_ botnet C&Cs as /32s, intended to be a black-hole feed. Interested folks should either e-mail me off-list, or just wait for the official announcement on 30 July. Cheers, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.2 (Build 2014) wj8DBQFGplq5q1pz9mNUZTMRAnFzAKCicaHuvoTwJk92hPOOu2E/ofjhegCcCrMc XCA4rpUCimConxtKV/Qrsfs= =N2f1 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
|