[98047] in North American Network Operators' Group
Bots back to full throttle
daemon@ATHENA.MIT.EDU (Sean Donelan)
Tue Jul 24 02:55:31 2007
Date: Tue, 24 Jul 2007 02:53:11 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
The DNS entries for the EFnet and other mainline IRC servers previously
affected appear to have timed-out/been removed from various ISP
caching DNS resolvers I checked. I didn't check if all the routing
blackholes have cleared up.
User-based IRC servers should back to being pummled by Bot C&C requests
as normal now.
As I said, false positives suck. Unfortunately there isn't an anti-abuse
system that never makes a mistake; unless you do nothing. I'm skeptical
of people who claim they've never made a mistake.
