[150434] in North American Network Operators' Group
Re: Botnet Traffic
daemon@ATHENA.MIT.EDU (James Smith)
Thu Feb 23 17:47:34 2012
From: "James Smith" <james@smithwaysecurity.com>
To: "Darius Jahandarie" <djahandarie@gmail.com>
In-Reply-To: <CAFANWtUbiXTGubZq63EaX9MwrREWV0T0pKoisTfi6=axAv_z2w@mail.gmail.com>
Date: Thu, 23 Feb 2012 18:46:42 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Thank you, this will be helpful.
-----Original Message-----
From: Darius Jahandarie
Sent: Thursday, February 23, 2012 6:26 PM
To: James Smith
Cc: nanog@nanog.org
Subject: Re: Botnet Traffic
On Thu, Feb 23, 2012 at 17:17, James Smith <james@smithwaysecurity.com>
wrote:
> Can anyone on this list provide botnet network traffic for analysis, or Ip’s
> which have been infected.
Have you considered contacting Team Cymru or Shadowserver? As far as I
know, they are the two major groups who collect this sort of
information on a non-local scale. I believe Team Cymru at least has
someone who follows NANOG..
The largest issue here is going to be trust -- it is highly unlikely
your just going to get huge dumps of useful information, especially if
your intentions are for-profit.
Best of luck.
--
Darius Jahandarie
