North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: short Botnet list and Cashing in on DoS

  • From: Gadi Evron
  • Date: Thu Oct 07 12:19:27 2004

Going after the bots is lesser effort. The controllers are
a priority.
That's not happening.

AV companies are mostly interested in hyping the latest worm or semi-worm. Drone armies, hundreds of thousands large (no exaggeration) are just too much of an effort with 1000+ new Trojan horses coming out every month.

Also, there are virtually no resources directed at this problem except for a _few_ numbered concerned individuals from various corporate security teams and a few people who use IRC networks, world-wide.

As long as so many computers are out there for the taking, it is almost an impossible war.

Maybe it would be possible to check if any users from a location you are in-charge of are connecting to these IP's and sending them an automated email about their security plus a deal on an AV product (whatever it is worth for this)?
I doubt many here have the time to even consider such an effort, even with the deal.

There are easier ways, such as seeing who in a said network connects out with recognized signatures.. again, I doubt many would bother.

Spam, viruses, it all revolves around the same problem. The users en-masse are a serious risk on the macro level. Besides, with so many drones around and infected machines - who needs a proxy to be anonymous?

Gadi Evron.