mitigating botnet C&Cs has become useless

• Previous message (by thread): mitigating botnet C&Cs has become useless
• Next message (by thread): mitigating botnet C&Cs has become useless
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Aug 3, 2006, at 4:22 PM, Scott Weeks wrote:


>
>> But shutting them down, that's like the police arresting
>> all the informants.  It doesn't stop the crime, it just
>> eradicates all your easy leads.
>
> What're folk's thoughts on that?

I'm not sure I'd liken shutting C&C infrastructure down to
"arresting the informants".  I think that's quite a bad analogy,
actually, as informants are [often] third parties while C&C
infrastructure is used to convey actual execution instructions
- which are very often much more than DoS, as John pointed
out.

-danny

• Previous message (by thread): mitigating botnet C&Cs has become useless
• Next message (by thread): mitigating botnet C&Cs has become useless
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]