To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
Dear All.
1st Point, Gadri very good move starting this list well done.
I work for a carrier and have seen the effects of DDOS attacks on commercial
customers. Mitigation devices are nearly always in the 100k sterling and
many of my customers have actually paid up to 30k when the blackmail threat
and first DDOS is seen. This is without me talking about bandwidth costs and
equipment required to handle the PPS throughput.
Now my main point, basically when a client gets hacked or "joined" to a
botnet this can be for a number of reasons, mainly though this boils down to
lack of patching and lack of av updates.
We all interconnect networks and peering is essential to allow traffic
through, the problem is there is no enforcement of tracebacks through
networks, add to this the complexity of every security department within an
ISP and herein lies the issue.
We are never going to stop these attacks until real penalties are leveraged
against ISP's who do not react to the traceback issues. Additionally
legislation required to remotely shut down servers is sketchy to the say the
least.
With most source IP's being spoofed the use of syn proxy's is a good step
although albeit a temporary one.
What i propose is that pressure is levied on all tier 1 ISPs backed up by
strong legislation, this way technologies such as network based AV filtering
and layer 7 heuristics will need to be deployed. This will then lead to a
knock on effect to other downstream providers who will have to take measures
to mitigate and educate end users and commercial organisations.
Blocking ports will never work. What we need to do is deep packet inspection
and enforce this into ISPS.
When an organisation makes on average £25 per mb per month for bandwidth
which is always contended dont we think its time to stop the rot and provide
real solutions to this problem.
Another useful step would be to impose penaltys on software vendors who
produce weak code and only operate closed source. This would then get the
coders to tighten up their act.
Rant over and best wishes Gavri,
_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger
7.5 today! http://messenger.msn.co.uk
_______________________________________________
botnets mailing list
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
