[192884] in North American Network Operators' Group
Re: Avalanche botnet takedown
daemon@ATHENA.MIT.EDU (Rich Kulawiec)
Thu Dec 1 17:43:55 2016
X-Original-To: nanog@nanog.org
Date: Thu, 1 Dec 2016 17:43:51 -0500
From: Rich Kulawiec <rsk@gsp.org>
To: nanog@nanog.org
In-Reply-To: <40F41E0A-B740-49FC-9A8D-B70FE55A857D@DataIX.net>
Errors-To: nanog-bounces@nanog.org
On Thu, Dec 01, 2016 at 03:02:30PM -0600, J. Hellenthal wrote:
> 99% ? That's a pretty high figure there.
Yeah. I thought so too. For the first ten years. Now I think it's
not nearly high enough. Let me give you three examples -- the three
that happen to be occupying my attention at the moment. I've got more
if you've got the time. A *lot* more.
1) http://www.firemountain.net/~rsk/loan.txt
2) http://www.firemountain.net/~rsk/space.txt
3) http://www.firemountain.net/~rsk/online.txt
1553, 3794, and 602 domains respectively. For brevity, I'll spare
you (4) which is a list of 97,657 domains (all in .info) using
variations of the same words, all registered by the same "company".
Note that my collection methods are lossy, so all of these are
drastically UNDERinclusive.
---rsk
