Re: mitigating botnet C&Cs has become useless

["Fergie" <fergdawg () netzero net>]

-- "Scott Weeks" <surfer () mauigateway com> wrote:

[snip]

> Yes, you're correct.  I didn't mean to say the things you
> mentioned haven't worked at all.  I'm just saying that there
> has to be a better way than police-type actions on a global
> scale.  Also, I'm sure many more smart people will work on
> it for many more years and others will make billions more
> before it's solved.  But it needs to be solved on the same
> playing field that the ugliness is occurring on.  You don't
> solve San Diego's slave trade by kicking ass on Indonesia's
> pirates.
>
> Last, you're also correct that this is leading nowhere.  I
> made my point and have now beat it to death.  Thanks for
> listening...
>
> scott

Personally, I think there is wiggle-room between what Gadi surmises
(persoanlly, I think he is playing Devil's advocate), what everyone
else may surmise as an effort into nothingness, and what Vixie
professes (if anyone bothered to read what he forwarded -- I did,
and very much agree).

I actually think there is _a_lot_ which can be, and should be, done.

Turning a blind eye is unnacceptable, and right now, ISP's are in
the spotlight w.r.t. doing just that:

http://www.zdnet.com.au/news/security/soa/ISPs_accused_of_ignoring_botnet_invasion/0,2000061744,39257307,00.htm

There is _major_ room for improvement, so I guess the relevant
question becomes: Are people part of the problem or part of the
solution?

What's the measuring stick?

- ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/