Re: FYI: ITU Botnet Mitigation Toolkit

[Gadi Evron <ge () linuxbox org>]

On Thu, 15 Nov 2007, Paul Ferguson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Via The ITU.
>
> [snip]
>
> Botnets (also called zombie armies or drone armies) are networks of
> compromised computers infected with viruses or malware to turn them into
> “zombies” or “robots” – computers that can be controlled without
> the owners’ knowledge. Criminals use the collective computing power and
> connected bandwidth of these externally-controlled networks for malicious
> purposes and criminal activities, including, inter alia, generation of spam
> e-mails, launching of Distributed Denial of Service (DDoS) attacks,
> alteration or destruction of data, and identity theft.
>
> The threat from botnets is growing fast. The latest (2007) generation of
> botnets such as Zhelatin (Storm Worm) uses particularly aggressive
> techniques such as fast-flux networks and striking back with DDoS attacks
> against security vendors trying to mitigate them. An underground economy
> has now sprung up around botnets, yielding significant revenues for authors
> of computer viruses, botnet controllers and criminals who commission this
> illegal activity by renting botnets.
>
> In response to this, ITU is developing a Botnet Mitigation Toolkit to help
> deal with the growing problem of botnets. Inspired by the Australian
> Internet Security Initiative (AISI), the toolkit draws on existing
> resources, identifies relevant local and international stakeholders, and
> takes into consideration the specific constraints of developing economies.
> The toolkit seeks to raise awareness among Member States of the growing
> threats posed by botnets and the linkage with criminal activities and
> incorporates policy, technical and social aspects of mitigating the effects
> of botnets. The first draft of the toolkit will be made available in
> December 2007, with pilot tests planned in a number of ITU Member States in
> 2008.
>
> [snip]
>
> Much more here:
> http://www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html

I had a chat with some ITU people. The secretary general of the ITU told 
me I can relay that the ITU is working on security and cares about these 
issues. I am still at IGF but when I come back I will update more.



> - - ferg
>
> p.s. Thanks, you-know-who-you-are. :-)
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFHO7Qvq1pz9mNUZTMRApTlAKDbHztsHC73nj44nVuVXkkcWj8jbgCdE4kq
> 8W82k5+sG2DLCrj0O7EwhgM=
> =8zPs
> -----END PGP SIGNATURE-----
>
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawg(at)netzero.net
> ferg's tech blog: http://fergdawg.blogspot.com/
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.