short Botnet list and Cashing in on DoS
hannigan at verisign.com
Wed Oct 20 19:14:29 UTC 2004
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> Paul Vixie
> Sent: Thursday, October 07, 2004 12:29 PM
> To: nanog at merit.edu
> Subject: Re: short Botnet list and Cashing in on DoS
> > > ..., a-la spamhaus. Bothaus anyone?
> > The problem with that is the list rapidly updates and must
> be maintained
> > with some level of frequency and there's a level of trust
> involved in it
> > as well.
> i consider www.cymru.com to be an excellent beginning toward
> that goalset.
> > Going after the bots is lesser effort. The controllers are
> a priority.
> wide scale BCP38 conformity is the only way any of this will
> ever happen.
You mean the bots? The controllers are behind the bots. Also,
in John's presentation..:
[..]we additionally request that they resolve the RR to 127.0.0.3
before they lock out and reload the zone.
We picked 127/8 as the standard. RFC 1918 wasn't suitable
for obvious reasons.
More information about the NANOG