drone armies C&C report - July/2005
David Ulevitch
davidu at everydns.net
Tue Aug 16 05:17:11 UTC 2005
On Aug 15, 2005, at 9:39 PM, Hannigan, Martin wrote:
>> the
>> summaries are primarily useful for C&C's that are still alive
>> a month later
>> even though plenty of notices have been sent to the relevant
>> NOC's. in
>> other words it's sort of like defcon's "wall of sheep". i
>> like the approach.
>>
>
> Wall of sheep certainly is humorous, but IL CERT using this
> data as a shaming mechanism is, well, a shame.
Why you associate IL CERT with this is confusing to others. I am
confident that you know there is little or no connection. We all
have employers. You, me and Gadi included. ;-)
Many of us choose to work to make the Internet a better place or at
least make it as safe as it were before we signed on. I don't like
having to worry about my mom being phished or my sisters' laptop
taking part in a global botnet. If this kind of work falls within
the guidelines of our employment; great. If not; that's why there
are groups like this. For purely operational activities there are
lists and fora to foster that. This is different. This is about
turning the tide and not simply reacting and mitigating after the
fact. I certainly don't speak for Gadi or the group so I'll stop there.
> Once the NOC engages in an excercise of futility based on that
> list, it will never be read again and the effort ends up being
> more futile, which is another shame. It's a good project,
> but it got ripe before it was ready, IMO.
There was nothing actionable in the list posted. Any NOC that
engages in anything besides a request to be notified in the future
would be confounding.
Thanks,
David
More information about the NANOG
mailing list