Full Disclosure mailing list archives

Re: What to do with bot networks


From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 03 Dec 2004 12:52:05 -0600

--On Friday, December 03, 2004 12:27:20 PM -0500 Conor Sibley <csibley () gmail com> wrote:

-Do I disable the network
This is a huge network that is likely used for DDOSing.  If you've
ever been DOSed... it sux.

-Do I report to ISP or authorities
The ISP is in an eastern European country and I don't know if the
local authorities would do anything let alone care.

-Do I do nothing
This option sucks but it sure is the easiest

The answer to this question is inversely proportional to the amount of time you have to screw with it.

case "$1" in
 no_time)
   OPTION=3
 ;;
 some_time)
   OPTION=1
 ;;
 lots_of_time)
   OPTION=2
 ;;
 *)
   echo $"Usage: $0 {no_time|some_time|lots_of_time}"
   exit 1
esac

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

