10,352 active botnets (was Re: register.com down sev0?)
Marshall Eubanks
tme at multicasttech.com
Thu Oct 26 12:45:58 UTC 2006
Dear Fergie;
Is there a similar statistic available for Mac OS X ?
Regards
Marshall
On Oct 26, 2006, at 5:43 AM, Fergie wrote:
>
> Jose's numbers are conservative.
>
> Given some mathematical acrobatics, I'd suggest examining some
> of the (shocking) number sin Microsoft's Security Intelligence
> Report (Google it) -- these are reflective:
>
> "Of the 4 million computers cleaned by the company's MSRT
> (malicious software removal tool), about 50 percent (2 million)
> contained at least one backdoor Trojan. While this is a high
> percentage, Microsoft notes that this is a decrease from the
> second half of 2005. During that period, the MSRT data showed
> that 68 percent of machines cleaned by the tool contained a
> backdoor Trojan."
>
> Ref: http://www.eweek.com/article2/0,1759,2036439,00.asp
>
> If you're wondering why DDoS attacks are so effective, look
> no further than your backyard.
>
> - ferg
>
>
> -- Sean Donelan <sean at donelan.com> wrote:
>
> On Thu, 26 Oct 2006, alex at pilosoft.com wrote:
>> Well, let's talk about "worst-case ddos". Let's say, 50mpps (I
>> have not
>> heard of ddos larger that that number). Let's say, you can sink/
>> filter
>> 100kpps on each box (not unreasonable on higher-end box with nsd).
>> That
>> means, you should be able to filter this attack with ~500 servers,
>> appropriately place. Say, because you don't know where the attack
>> will
>> come in, you need 4 times more the estimated number of servers,
>> that's
>> 2000 servers. That's not entirely unreasonable number for a large
>> enough
>> company.
>
> Botnets were the topic at today's Info Security conference in New York
> City. <http://www.infosecurityevent.com> Coincidences? Or just
> as random as your iPod shuffle?
>
> Jose Nazario estimated that there were 10,352 botnets active on the
> Internet earlier this year. You will probably always be outnumbered on
> the public Internet.
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
More information about the NANOG
mailing list