Full Disclosure mailing list archives
Re: Botnets and tracking and busting scriptkiddies
From: Michael Holstein <michael.holstein () csuohio edu>
Date: Mon, 14 Mar 2005 15:47:28 -0500
DD> Now simply do a /join #badguyschan key DD> The first thing you want here is the topic which will tell you what the DD> Handel of the attacker is and what date he set up this bot net DD> If he is in channel do a /uwho and a /dns to get his ip to hand over toDD> the victim companies and or the feds for a quick crucifiction ,
Crucial point missed : don't do any of this from your primary Internet connection unless you can weather the storm of a pissed-off scriptkiddie with 3000 bots on cablemodems (guess who figured this one out the hard way a few years ago?).
A $9/mo dialup or a dsl that has "real" dynamic addressing is a *very* good idea when investing and/or aggrivating botnet controllers.
Happy whacking... Michael Holstein CISSP GCIA Cleveland State University. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- RE: Botnets and tracking and busting scriptkiddies Dominique Davis (Mar 14)
- Re: Botnets and tracking and busting scriptkiddies Michael Holstein (Mar 14)
- Re[2]: Botnets and tracking and busting scriptkiddies Egoist (Mar 14)
- Re: Botnets and tracking and busting scriptkiddies Michael Holstein (Mar 14)