Ethical DDoS drone network

Gadi Evron ge at
Mon Jan 5 03:55:20 UTC 2009

On Sun, 4 Jan 2009, John Kristoff wrote:
> On Sun, 4 Jan 2009 21:06:34 -0500
> "Jeffrey Lyon" <jeffrey.lyon at> wrote:
>> Say for instance one wanted to create an "ethical botnet," how would
>> this be done in a manner that is legal, non-abusive toward other
>> networks, and unquestionably used for legitimate internal security
>> purposes? How does your company approach this dilemma?
> As long as some part of the system (hosts/networks) from the bots to
> the target is not under your control or prepared for this sort of
> activity, you may not get a satisfactory answer on this. Its quite
> likely these days a third party playing the unwitting participant in
> this botnet may find it objectionable.
> Is creating and running a botnet the answer?  What exactly are you
> trying to protect against?  DDoS?
> There are potentially various sorts of penetration tests and design
> reviews you could go through as an alternative to running a so-called
> "ethical" botnet. Further information on what you're trying to protect
> against may solicit some useful strategies.

A legal botnet is a distributed system you own.

A legal DDoS network doesn't exist. The question is set wrong, no?

> John

More information about the NANOG mailing list