North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Blackholes and IXs and Completing the Attack.
On Feb 3, 2008, at 4:50 AM, Paul Ferguson wrote: We (Trend Micro) do something similar to this -- a black-hole BGP feed of known botnet C&Cs, such that the C&C channel is effectively black-holed. What's the trigger (pardon the pun, heh) and process for removing IPs from the blackhole list post-cleanup, in Trend's case? Is there a notification mechanism so that folks who may not subscribe to Trend's service but who are unwittingly hosting a botnet C&C are made aware of same? ----------------------------------------------------------------------- Roland Dobbins <[email protected]> // 408.527.6376 voice Culture eats strategy for breakfast. -- Ford Motor Company
|