Mastercard problems

Jack Bates jbates at brightok.net
Wed Dec 8 20:42:22 UTC 2010


On 12/8/2010 2:37 PM, Olof Johansson wrote:
> On 2010-12-08 14:06 -0600, Philip Dorr wrote:
>> The problem is that they were also slashdotted.  The logs would also have a
>> large number of unrelated.
>
> "so... the loic tool uses the host's local address, the attacks are all
> HTTP based, or tcp/80 with malformed HTTP..."
>
> That should be easy to grep by...?
>

Of course, it's debatable if use of LOIC is enough to convict. You'd 
have to first prove the person installed it themselves, and then you'd 
have to prove that they knew it would be used for illegal purposes.

The hive controller, and the actual operator(s) are who they want, and 
that's a little more work. This has been an issue in the past, even when 
we knew exactly where botnet controllers were, concerning the legality 
of taking control to shut it down.


Jack




More information about the NANOG mailing list