[133312] in North American Network Operators' Group


Re: [nanog] Re: Over a decade of DDOS--any progress yet?

daemon@ATHENA.MIT.EDU (Aaron Peterson)
Wed Dec 8 11:35:37 2010

Date: Wed, 08 Dec 2010 11:30:37 -0500
From: Aaron Peterson <aaron_peterson@harvard.edu>
To: nanog@nanog.org
In-Reply-To: <4CFFA7B8.8000306@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Hello:

On 12/8/10 10:43 AM, JC Dill wrote:
>  On 08/12/10 4:28 AM, Arturo Servin wrote:
>>     One big problem (IMHO) of DDoS is that sources (the host of 
>> botnets) may be completely unaware that they are part of a DDoS. I do 
>> not mean the bot machine, I mean the ISP connecting those.
>
> ISPs are not the source.  The source is Microsoft.  The source is 
> their buggy OS that is easily compromised to enable the computers to 
> be taken over as part of the botnet.

Many third-party vendors like Adobe, Sun and others are just as culpable 
in this sense, if not more.  A large majority of the vulnerabilities 
leveraged to deploy modern malware / botnets come from these client-side 
applications (e.g. Flash, Reader, Java, etc.) and not the OS 
specifically.  It's beyond the point that we can blame just Microsoft.  
Yes, they can get better, but they've actually made great strides in 
software security in the last few years.  Now that the other vendors are 
starting to feel the pain, hopefully they'll start to follow suit.


Aaron

