North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Phishing and BGP Blackholing
Then there's the whole trust issue - though the Team Cymru guys do an awesome job doing the bogon feed, it's rare that you have to suddenly list a new bogon at 2AM on a weekend. And there's guys that *are* doing a good job at tracking down and getting these sites mitigated, they prefer to get the sites taken down at the source. I'm not sure they would *want* to be trying to do a BGP feed.
As an operator of a large collections of Web hosting sites, I appreciate the work of those guys who track down sites and send alerts. I can then surgically remove the offending phishing sites quickly. When a customer does the sites (and I've had a few of those) I usually find multiple phishing payload sites...and the account is so closed so quickly that the perps don't even have time to fetch the data they collected.
The champaionship record is nine payload-sites for different phishing targets.