Re: Dismantling Botnets?
From: Bryan Allen (bda_at_mirrorshades.net)
Date: Wed, 19 Oct 2005 12:42:19 -0400 To: firstname.lastname@example.org
On Oct 18, 2005, at 10:58 PM, email@example.com wrote:
> Is there a place where current information can be given and it will
> be investigated and action will be taken? For example, in the past
> days I have come across multiple botnets of 30,000-50,000 on each
> In one case I even suspect that the hosting provider might be
> the activity. For that reason alone I have avoided reporting this
> to the
> hosting provider. Is there a government source that actually takes
> information, investigates it, and will actually make something
> happen? I
> think many of us have read the DDoS story on GRC.com before. This
> guy was
> actively being attacked and located the live botnet and still
> couldn't get
> the authorities to do anything (IIRC). Has anything changed since
If you are a university, there is UNISOG (unisog.org), which is a
closed group of infosec people working at depts all over the world
and sharing information.
As for corporations, not sure. The problem with that is once you
start handing that information out, it's also there for the C&C
owners to use. "Oh, that one's been discovered and is being blocked
by lots of people, time to pop another box and shift controllers."
As for companies that are actually hosting botnets... the BBB? ;-)
-- Bryan Allen firstname.lastname@example.org http://bda.mirrorshades.net Cyberpunk is dead. Long live cyberpunk.