[91539] in North American Network Operators' Group
Re: mitigating botnet C&Cs has become useless
daemon@ATHENA.MIT.EDU (Fergie)
Thu Aug 3 17:11:32 2006
From: "Fergie" <fergdawg@netzero.net>
Date: Thu, 3 Aug 2006 21:10:05 GMT
To: danny@tcb.net
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
-- Danny McPherson <danny@tcb.net> wrote:
[good stuff elided]
>I agree that the root of the problem is the miscreants perpetrating
>these crimes, and they need to be prosecuted, but the responsibility
>falls far wider than the SPs.
>
>I also accept the references provided by Paul and others, but what's
>the near-term alternative?
>
>-danny
>
I would suggest more specific attention by service providers
specifically, and everyone in general, perhaps with more
"abuse services" -related tracks at meetings like NANOG. :-)
Or something along those lines...
I think the problem(s) have ballooned to the point where
everyone is feeling a bit overwhelmed in getting the cooperation
needed to take down botnet C&C's, phishing hosts, and other nefarious
"services" -- some which try to hide using DNS RR "fast-flux", etc.
The whole business of getting cooperation in this area needs much
improvement.
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
