To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- I assume you guys keep logs of who calls, and when? Or at least when the deactivations occur on which client ip's?
Would be a nice sample set to learn malware propagation patterns from. Desai, Ashish wrote: > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > > One approach is to de-activate the customer's network access > and hope they call the ISP customer support. When you de-activate, you > put a notation against the customer account that they have a > BOT/infection. > Most ISP/business have decent CRM systems that allow you to put text > notations against > a customer account. We told the reps to have the customer install > Anti-Virus software. > > You control the deactivation rate, so you can control the flow of calls > to the customer support team. > It increases the cost of customer support but is a nice way of not > having to call the customer. > > We did this and it works quite well at 10 customers a day. The problem > is when the customer > continue to get re-infected. Its a little frustating to the customer but > the process seems to work. > There is no compliance checking model, once the customer calls we > re-activate their access. > We deactivate after a couple of days if they still show signs of > infection. > > Ashish > > > -----Original Message----- > From: Gadi Evron [mailto:[EMAIL PROTECTED] > Sent: Monday, October 16, 2006 7:46 AM > To: [email protected] > Subject: [botnets] QoS and bot traffic > ...... > How can this be done using today's technology? Does it require re-design > of hardware or new systems to be designed? I hope to find out and get a > proposal ready, > > Gadi. > > _______________________________________________ > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > All list and server information are public and available to law enforcement > upon request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets > _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
