To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- On Tuesday 30 May 2006 04:55, Gadi Evron wrote: > Public IRC servers on IRC networks have been used for botnets extensively > in the past. Even though they were in denial, the situation in around > 2002-2003 was that 20 to 50 per cent of the big networks were drones. In my experience, a lot of the reason that public IRC servers tolerate drones & drone farmers is not by choice. There are (or were) few IRC servers that could withstand a full-out DDoS attack by large scale drone network. Waltzing into a drone channel and k-lining 10,000+ drones can have many effects: 1) This much traffic could cause the IRC server to lag to desync (on legacy IRC servers, anyway) 2) Poorly configured bots would hammer the IRC port day and night (times 10,000) 3) A well-designed drone could use a dynamic dns service to update and use a different server. The then angry farmer would DDoS the crap out of the public IRC server he was just k-lined from.
> I personall support them, but I believe the days of "botnet hunting" their > way are over since about 2000. Still, I've been wrong before, and I've > never seen any better way of learning about botnets. Could you elaborate a little on this point? I feel that the shadowserver people are doing a good job, and I feel their methods are most effective. Fact is, I can think of no better way to do what they're doing. Craig _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
