[110388] in North American Network Operators' Group
Re: Ethical DDoS drone network
daemon@ATHENA.MIT.EDU (Gadi Evron)
Sun Jan 4 22:55:46 2009
Date: Sun, 4 Jan 2009 21:55:20 -0600 (CST)
From: Gadi Evron <ge@linuxbox.org>
To: John Kristoff <jtk@cymru.com>
In-Reply-To: <20090104215318.02cc355e@t61p>
Cc: Jeffrey Lyon <jeffrey.lyon@blacklotus.net>, nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
On Sun, 4 Jan 2009, John Kristoff wrote:
> On Sun, 4 Jan 2009 21:06:34 -0500
> "Jeffrey Lyon" <jeffrey.lyon@blacklotus.net> wrote:
>
>> Say for instance one wanted to create an "ethical botnet," how would
>> this be done in a manner that is legal, non-abusive toward other
>> networks, and unquestionably used for legitimate internal security
>> purposes? How does your company approach this dilemma?
>
> As long as some part of the system (hosts/networks) from the bots to
> the target is not under your control or prepared for this sort of
> activity, you may not get a satisfactory answer on this. Its quite
> likely these days a third party playing the unwitting participant in
> this botnet may find it objectionable.
>
> Is creating and running a botnet the answer? What exactly are you
> trying to protect against? DDoS?
>
> There are potentially various sorts of penetration tests and design
> reviews you could go through as an alternative to running a so-called
> "ethical" botnet. Further information on what you're trying to protect
> against may solicit some useful strategies.
A legal botnet is a distributed system you own.
A legal DDoS network doesn't exist. The question is set wrong, no?
> John
>
