Re: mitigating botnet C&Cs has become useless

• Previous message: Stefan Hegger: "Re: SORBS Contact"
• Maybe in reply to: Barry Shein: "Re: mitigating botnet C&Cs has become useless"
• Next in thread: Sean Donelan: "Re: mitigating botnet C&Cs has become useless"
• Reply: Sean Donelan: "Re: mitigating botnet C&Cs has become useless"
• Reply: Michael Loftis: "Re: mitigating botnet C&Cs has become useless"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Sat, 5 Aug 2006 17:17:27 -0400 (EDT), Sean Donelan typed:

>Railroads have the railroad police. The Post Office has postal
>inspectors. Do we want to give ISP security the power to arrest
>people?

We (ISPs) already do have that power, we can disconnect misbehaving
subscribers. And in cases like this, we should keep them off the 'net
until they've cleaned up their PC.

And besides doing that, we should educate our subs on how to properly
maintain their PC (installing and keeping up-to-date antivirus
software, patch the OS on a regular basis, you know the drill).

I don't think hunting down the botnet operator is going to solve the
problem. If I were to setup a botnet, I'd have many layers of machines
(in as many different countries as possible) and protocols between me
and the drones that do my dirty work.

So, yeah, it can be solved (OK, to a large extend) by manpower, but as
someone else already mentioned, it's a case of ROI. And, as usual,
security is only costing you money.....

Gr,

Arjan H

• Previous message: Stefan Hegger: "Re: SORBS Contact"
• Maybe in reply to: Barry Shein: "Re: mitigating botnet C&Cs has become useless"
• Next in thread: Sean Donelan: "Re: mitigating botnet C&Cs has become useless"
• Reply: Sean Donelan: "Re: mitigating botnet C&Cs has become useless"
• Reply: Michael Loftis: "Re: mitigating botnet C&Cs has become useless"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]