[90505] in North American Network Operators' Group
Re: Are botnets relevant to NANOG?
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri May 26 22:11:54 2006
Date: Fri, 26 May 2006 21:11:29 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: Rick Wesson <wessorh@ar.com>
Cc: Martin Hannigan <hannigan@renesys.com>, nanog@merit.edu
In-Reply-To: <44779378.80204@ar.com>
Errors-To: owner-nanog@merit.edu
On Fri, 26 May 2006, Rick Wesson wrote:
>
> > I am saying I am reading the OARC comments and this is sort of what
> > it fees like. As much as Gadi seems to appropriate others credit,
> > Randy Vaugh and him have been doing this work for some time and
> > deserves some credit so I'd say "have you spoken to them about how
> > to make their report better" yet instead of "create more".
>
> Yes, we have worked with Gati and Randy Vaugh; infact randy helped me
> out today; thanks randy!
>
> There is a difference in how Randy/Gati collect data and how we collect
> data. The stuff we publish are from numerous dns based realtime
> blacklists and spam traps we run. Other folks black-hole botnets and
> capture data.
>
> We both come up with a dataset that overlaps but we don't yet know by
> how much. So our data is another view using a different methodology and
> isn't supposed to be "better" but confirming of where the problem is and
> estimates of its magnitude.
The more we know, the better. I believe the time for action has come and
gone, but I was not born a pessimist. :)
If the first step is to de-"classify" what's public so that people are
aware of what's going on, I say bring it on.
Great work, Rick. Beer is on me this defcon.
Gadi.
>
>
> -rick
>
>
