[70464] in North American Network Operators' Group
Re: Antivirus firms discover Bots
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Sun May 16 11:24:45 2004
Date: Sun, 16 May 2004 16:24:04 +0100 (BST)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0405151927010.12204@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
Hmm, so if the AV discovers an active bot is it possible to take this a step
further and locate the C&C and forward that info to relevant network operators?
Steve
On Sat, 15 May 2004, Sean Donelan wrote:
>
> I'm glad that anti-virus firms are noticing the growth of Bots.
> Unfortunately, their guestimating ability is still woefully inadequate.
>
> Even frequent updates to anti-virus software won't help. Many
> bots disable automatic updates and block access to the antivirus
> sites. By the time anti-virus software detects somethings wrong,
> its already too late. The solution is to make certain your computer is
> not compromised, instead of relying on anti-virus to clean it up later.
>
> Antivirus firms warn of growing 'Bot' Networks
> http://www.informationweek.com/story/showArticle.jhtml?articleID=20300880
>
