To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
I am starting a discussion in the relevant groups on this subject, to try
and come up with some suggestions and TO-DO items we can follow up on, or
maybe even better - find another solution.
Networks require a means by which they can control their botnet
population. Yes, "curing" the problem is great, but it won't happen in the
near future.
Obviously, having ISP's call even one customer to remove infections
doesn't work (costs significantly more than the subscription fee per
attempt) and people just get re-infected.
I am looking to utilize proven technology to be able to reduce the cost of
what a botnet can do.
If botnet traffic is detected, even by not very sophisticated technologies
such as simply checking for email sent from dynamic ranges or netflow
data, it should be possible to use routing technology to "mitigate".
QoS can limit the traffic these bots can utilize much like it would P2P
users in most ISP's today. These users are already of limited traffic due
to the effects of the bot.
How can this be done using today's technology? Does it require re-design
of hardware or new systems to be designed? I hope to find out and get a
proposal ready,
Gadi.
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
