North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: mitigating botnet C&Cs has become useless
- From: Peter Dambier
- Date: Wed Aug 02 02:26:45 2006
Barry Shein wrote:
On August 1, 2006 at 11:50 surfer@xxxxxxxxxxxxxxx (Scott Weeks) wrote:
> there has to be a technical way to do this, rather
> than a diplomatic way as the diplomatic ways historically
> have not worked in the other areas mentioned, so they
> probably won't work here, either. Or we have to keep
> going until one can be contrived. Many good attempts
> have been made and there will be more to come until we
> hopefully rid ourselves of the sickness others of lower
> values force on us daily...
I have nothing against technical solutions tho after over ten years of
a lot of smart people trying, and a grand prize of probably a billion
dollars increase in personal wealth, it doesn't seem forthcoming.
Let me try to become Gadi. First of all block port 80 (http) :)
Next block port 53 udp (dns).
Now you have got rid of amplification attacks because spoofing does
no longer work and you have got rid of all those silly users that
only know how to click the mouse.
Put every client leaking netbios into a sandbox. Dont allow them
anything but logon :)
However, I do take exception to the assertion that "diplomatic ways
historically have not worked in other areas mentioned".
I think what you mean is that they haven't worked perfectly, but
slipped the semantics a little. Surely you didn't mean to say that all
efforts to oppose, e.g., the human slave trade have been in vain?
The effectiveness has a lot to do with the profitability making the
risk worthwhile (e.g., drug trade), and who the crime appeals to; some
poor, desparate people will take risks others won't (e.g., high-seas
Unfortunately all this reasoning might be edifying but it leads
Peter and Karin
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)