nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: mitigating botnet C&Cs has become useless

From: John Kristoff <jtk () ultradns net>
Date: Thu, 3 Aug 2006 20:23:14 -0500

On Thu, 03 Aug 2006 12:22:31 -1000
"Scott Weeks" <surfer () mauigateway com> wrote:


But shutting them down, that's like the police arresting
all the informants.  It doesn't stop the crime, it just
eradicates all your easy leads. 


What're folk's thoughts on that?


Well that's one perspective.

I love the bit about tagging the packets and using QoS (whatever that
means) though, that would be a hoot.  Keep in mind bots are not just
for DoS.  They spam, they capture keystrokes and mouseclicks, they can
be proxies and so on.   If in the name of botnets QoS gets widely
deployed I'll put print out this email, puree it in a blender and
humbly chug it down at a future NANOG.

John
Previous By Date Next
Previous By Thread Next

Current thread: