Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Botnets and tracking and busting scriptkiddies

From: Michael Holstein <michael.holstein () csuohio edu>
Date: Mon, 14 Mar 2005 15:47:28 -0500
DD> Now simply do a /join #badguyschan key DD> The first thing you want here is the topic which will tell you what the DD> Handel of the attacker is and what date he set up this bot net DD> If he is in channel do a /uwho and a /dns to get his ip to hand over to 
DD> the victim companies and or the feds  for a quick crucifiction ,
Crucial point missed : don't do any of this from your primary Internet connection unless you can weather the storm of a pissed-off scriptkiddie with 3000 bots on cablemodems (guess who figured this one out the hard way a few years ago?).
A $9/mo dialup or a dsl that has "real" dynamic addressing is a *very* good idea when investing and/or aggrivating botnet controllers. 

Happy whacking...

Michael Holstein CISSP GCIA
Cleveland State University.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: