Ethical DDoS drone network

John Kristoff jtk at cymru.com
Sun Jan 4 21:53:18 CST 2009


On Sun, 4 Jan 2009 21:06:34 -0500
"Jeffrey Lyon" <jeffrey.lyon at blacklotus.net> wrote:

> Say for instance one wanted to create an "ethical botnet," how would
> this be done in a manner that is legal, non-abusive toward other
> networks, and unquestionably used for legitimate internal security
> purposes? How does your company approach this dilemma?

As long as some part of the system (hosts/networks) from the bots to
the target is not under your control or prepared for this sort of
activity, you may not get a satisfactory answer on this. Its quite
likely these days a third party playing the unwitting participant in
this botnet may find it objectionable.

Is creating and running a botnet the answer?  What exactly are you
trying to protect against?  DDoS?

There are potentially various sorts of penetration tests and design
reviews you could go through as an alternative to running a so-called
"ethical" botnet. Further information on what you're trying to protect
against may solicit some useful strategies.

John




More information about the NANOG mailing list