nanog mailing list archives
Re: ACLs / Filter Lists - Best Practices
From: Rob Thomas <robt () cymru com>
Date: Fri, 30 Nov 2001 10:50:28 -0600 (CST)
Hi again, all. Ah, this is a topic near and dear to my heart. :) ] And before someone jumps up and says "theoretical!", I'm sure a few ] NANOGers who double as occasional IRC server admins can possibly ] attest to strangely named channels with hundreds of idling ] clients sitting in them.. :-) I track between one and ten botnets per day, on IRC networks both public and private. They vary in size from five bots to greater than 10K bots. The average is on the low end, probably less than 100 bots. The large botnets (> 2000 bots) are rare, but they do exist. Ponder the power of 10K bots hitting your border routers with any sort of flood. <BOOM> This stuff is quite real, and quite powerful. Thanks, Rob. -- Rob Thomas http://www.cymru.com/~robt ASSERT(coffee != empty);
Current thread:
- ACLs / Filter Lists - Best Practices John McBrayne (Nov 27)
- Re: ACLs / Filter Lists - Best Practices Scott Francis (Nov 27)
- Re: ACLs / Filter Lists - Best Practices E.B. Dreger (Nov 27)
- Re: ACLs / Filter Lists - Best Practices Christopher L. Morrow (Nov 27)
- RE: ACLs / Filter Lists - Best Practices Barry Raveendran Greene (Nov 28)
- Re: ACLs / Filter Lists - Best Practices Geoff Zinderdine (Nov 28)
- Re: ACLs / Filter Lists - Best Practices Nicolas FISCHBACH (Nov 28)
- RE: ACLs / Filter Lists - Best Practices Tim Irwin (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Andreas Plesner Jacobsen (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Adrian Chadd (Nov 29)
- Re: ACLs / Filter Lists - Best Practices Rob Thomas (Nov 30)
- Re: ACLs / Filter Lists - Best Practices Andreas Plesner Jacobsen (Nov 29)
- RE: ACLs / Filter Lists - Best Practices Rob Thomas (Nov 30)
- <Possible follow-ups>
- RE: ACLs / Filter Lists - Best Practices Irwin Lazar (Nov 28)