Full Disclosure mailing list archives
Re: What to do with bot networks
From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 03 Dec 2004 12:52:05 -0600
--On Friday, December 03, 2004 12:27:20 PM -0500 Conor Sibley <csibley () gmail com> wrote:
The answer to this question is inversely proportional to the amount of time you have to screw with it.-Do I disable the network This is a huge network that is likely used for DDOSing. If you've ever been DOSed... it sux. -Do I report to ISP or authorities The ISP is in an eastern European country and I don't know if the local authorities would do anything let alone care. -Do I do nothing This option sucks but it sure is the easiest
case "$1" in no_time) OPTION=3 ;; some_time) OPTION=1 ;; lots_of_time) OPTION=2 ;; *) echo $"Usage: 0$ {no_time|some_time|lots_of_time}" exit 1 esac Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- What to do with bot networks Conor Sibley (Dec 03)
- Re: What to do with bot networks Paul Schmehl (Dec 03)
- AW: What to do with bot networks Robert Marquardt (Dec 03)
- Re: What to do with bot networks Ron DuFresne (Dec 04)
- Re: What to do with bot networks Paul Schmehl (Dec 03)