Re: Are botnets relevant to NANOG?

[Gadi Evron <ge () linuxbox org>]

On Fri, 26 May 2006, Rick Wesson wrote:
> > I am saying I am reading the OARC comments and this is sort of what
> > it fees like. As much as Gadi seems to appropriate others credit,
> > Randy Vaugh and him have been doing this work for some time and
> > deserves some credit so I'd say "have you spoken to them about how
> > to make their report better" yet instead of "create more".
>
> Yes, we have worked with Gati and Randy Vaugh; infact randy helped me 
> out today; thanks randy!
>
> There is a difference in how Randy/Gati collect data and how we collect 
> data. The stuff we publish are from numerous dns based realtime 
> blacklists and spam traps we run. Other folks black-hole botnets and 
> capture data.
>
> We both come up with a dataset that overlaps but we don't yet know by 
> how much. So our data is another view using a different methodology and 
> isn't supposed to be "better" but confirming of where the problem is and 
>   estimates of its magnitude.

The more we know, the better. I believe the time for action has come and
gone, but I was not born a pessimist. :)

If the first step is to de-"classify" what's public so that people are
aware of what's going on, I say bring it on.

Great work, Rick. Beer is on me this defcon.

        Gadi.
> -rick