Now that you two have reacquainted yourselves can we can back to the paper? 

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of pingywon
Sent: Sunday, March 13, 2005 10:02 PM
To: Egoist
Cc: full-disclosure@lists.grok.org.uk; [EMAIL PROTECTED];
dailydave
Subject: Re: Re[2]: [Full-disclosure] Know Your Enemy: Tracking Botnets

hello cock monger


~pingywon
----- Original Message -----
From: "Egoist" <[EMAIL PROTECTED]>
To: "pingywon" <[EMAIL PROTECTED]>
Cc: "Thorsten Holz" <[EMAIL PROTECTED]>; "dailydave"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<full-disclosure@lists.grok.org.uk>
Sent: Sunday, March 13, 2005 10:40 PM
Subject: Re[2]: [Full-disclosure] Know Your Enemy: Tracking Botnets


> Hello pingywon,
>
> Monday, March 14, 2005, 6:22:43 AM, you wrote:
>
> p> haha .. I didnt think anyone was REALLY named Thorsten
>
> p> ... I mean good paper....
>
> p> ~pingywon
>
>
> p> ----- Original Message ----- 
> p> From: "Thorsten Holz" <[EMAIL PROTECTED]>
> p> To: "dailydave" <[EMAIL PROTECTED]>;
> p> <[EMAIL PROTECTED]>; <full-disclosure@lists.grok.org.uk>
> p> Sent: Sunday, March 13, 2005 10:08 PM
> p> Subject: [Full-disclosure] Know Your Enemy: Tracking Botnets
>
>
> >> Greetings,
> >>
> >> The  Honeynet Project and Research Alliance is excited to announce the
> >> release of a new paper "KYE: Tracking Botnets". This paper is based on
> >> the extensive research by the German Honeynet Project.
> >>
> >>     KYE: Tracking Botnets
> >>     http://www.honeynet.org/papers/bots/
> >>
> >> Abstract:
> >> ---------
> >>
> >> Honeypots are a well known technique for discovering the tools,
tactics,
> >> and motives of attackers. In this paper we look at a special kind of
> >> threat: the individuals and organizations who run botnets. A botnet is
a
> >> network of compromised machines that can be remotely controlled by an
> >> attacker. Due to their immense size (tens of thousands of systems can
be
> >> linked together), they pose a severe threat to the community. With the
> >> help of honeynets we can observe the people who run botnets - a task
> >> that is difficult using other techniques. Due to the wealth of data
> >> logged, it is possible to reconstruct the actions of attackers, the
> >> tools they use, and study them in detail. In this paper we take a
closer
> >> look at botnets, common attack techniques, and the individuals
involved.
> >>
> >> We start with an introduction to botnets and how they work, with
> >> examples of their uses. We then briefly analyze the three most common
> >> bot variants used. Next we discuss a technique to observe botnets,
> >> allowing us to monitor the botnet and observe all commands issued by
the
> >> attacker. We present common behavior we captured, as well as statistics
> >> on the quantitative information learned through monitoring more than
one
> >> hundred botnets during the last few months. We conclude with an
overview
> >> of lessons learned and point out further research topics in the area of
> >> botnet-tracking, including a tool called mwcollect2 that focuses on
> >> collecting malware in an automated fashion.
> >>
> >> Thank you for your time,
> >>    Thorsten Holz, on behalf of the GHP
> >> (http://www-i4.informatik.rwth-aachen.de/lufg/honeynet)
> >>
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://www.secunia.com/
> >>
> p> _______________________________________________
> p> Full-Disclosure - We believe in it.
> p> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> p> Hosted and sponsored by Secunia - http://www.secunia.com/
>
> lol i am too
>
> shit my botnet just increases in size wow
>
> -- 
> Best regards,
>  Egoist                            mailto:[EMAIL PROTECTED]
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

Reply via email to