Blackholes and IXs and Completing the Attack.
Roland Dobbins
rdobbins at cisco.com
Sun Feb 3 01:45:30 UTC 2008
On Feb 3, 2008, at 4:50 AM, Paul Ferguson wrote:
> We (Trend Micro) do something similar to this -- a black-hole BGP
> feed of known botnet C&Cs, such that the C&C channel is effectively
> black-holed.
What's the trigger (pardon the pun, heh) and process for removing IPs
from the blackhole list post-cleanup, in Trend's case?
Is there a notification mechanism so that folks who may not subscribe
to Trend's service but who are unwittingly hosting a botnet C&C are
made aware of same?
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
More information about the NANOG
mailing list