Re: mitigating botnet C&Cs has become useless

["Fergie" <fergdawg () netzero net>]

-- Danny McPherson <danny () tcb net> wrote:

[good stuff elided]

> I agree that the root of the problem is the miscreants perpetrating
> these crimes, and they need to be prosecuted, but the responsibility
> falls far wider than the SPs.
>
> I also accept the references provided by Paul and others, but what's
> the near-term alternative?
>
> -danny

I would suggest more specific attention by service providers
specifically, and everyone in general, perhaps with more
"abuse services" -related tracks at meetings like NANOG. :-)

Or something along those lines...

I think the problem(s) have ballooned to the point where
everyone is feeling a bit overwhelmed in getting the cooperation
needed to take down botnet C&C's, phishing hosts, and other nefarious
"services" -- some which try to hide using DNS RR "fast-flux", etc.

The whole business of getting cooperation in this area needs much
improvement.

- ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/