nanog mailing list archives
Re: Are botnets relevant to NANOG?
From: Peter Dambier <peter () peter-dambier de>
Date: Fri, 26 May 2006 16:37:05 +0200
Michael.Dillon () btradianz com wrote:
In recent discussions about botnets, some people maintained that botnets (and viruses and worms) are really not a relevant topic for NANOG discussion and are not something that weshould be worried about. I think that the CSI and FBI would disagree with that.
Some people need whatever bandwidth they can get for ranting. Of course routing reports, virus reports and botnet bgp statistics take away a lot of valuable bandwidth that could otherwise be used for nagging. On the other hand without Gadi's howling for the wolves those wolves might be lost species and without the wolves all the nagging and ranting would make less fun.
Now NANOG members cannot change OS security, they can'tchange corporate security practices, but they can have an impact on botnets because this is where the nefariousactivity meets the network.
They can. All you have to do is look for free software and join the devellopers or the testers or report whatever you have found out. When working for Exodus and GLC I have seen I could change security practices. I was working in London, Munich and Frankfurt NOCs. Sorry I did not know about NANOG that time. It would have made my live a lot more interesting.
Therefore, I conclude that discussions of botnets do belong on the NANOG list as long as the NANOG list isnot used as a primary venue for discussing them.
Botnets are networks. We should have the network operators on the NANOG list. (I am afraid we do already have them :)
One thing that surveys, such as the CSI/FBI SecuritySurvey, cannot do well is to measure the impact of botnet researchers and the people who attempt to shutdown botnets. It's similar to the fight against terrorism. I know that there have been 2 terrorist attacks on London since 9/11 but I don't know HOW MANY ATTACKSHAVE BEEN THWARTED. At least two have been publicised but there could be dozens more.Cleaning up botnets is rather like fighting terrorism. At the end, you have nothing to show for it. No news coverage, no big heaps of praise. Most people aren't sure there was ever a problem to begin with. That doesn't mean that the work should stop or that network providers should withold their support for cleaning up the botnet problem.
Maybe it is high time for a transparent frog. Invisible for secure systems but as soon as one of the bots tries to infect it, it will ... In case you are not Gadi or working for Gadi, feel free to ignore the tranparent frog. I have never met one :) Cheers Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: peter () peter-dambier de mail: peter () echnaton serveftp com http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/
Current thread:
- Are botnets relevant to NANOG? Michael . Dillon (May 26)
- Re: Are botnets relevant to NANOG? Peter Dambier (May 26)
- Re: Are botnets relevant to NANOG? Rick Wesson (May 26)
- Re: Are botnets relevant to NANOG? John Kristoff (May 26)
- Re: Are botnets relevant to NANOG? Rick Wesson (May 26)
- Re: Are botnets relevant to NANOG? John Kristoff (May 26)
- Re: Are botnets relevant to NANOG? Peter Dambier (May 26)
- Re: Are botnets relevant to NANOG? Gadi Evron (May 26)
- Re: Are botnets relevant to NANOG? Rick Wesson (May 26)
- Re: Are botnets relevant to NANOG? Sean Donelan (May 26)
- Re: Are botnets relevant to NANOG? Peter Dambier (May 26)
- Re: Are botnets relevant to NANOG? Gadi Evron (May 26)
- Re: Are botnets relevant to NANOG? Sean Donelan (May 30)
- Re: Are botnets relevant to NANOG? Peter Dambier (May 26)