funsec mailing list archives

RE: FYI: ITU Botnet Mitigation Toolkit

From: "Barry Greene (bgreene)" <bgreene () cisco com>
Date: Thu, 15 Nov 2007 09:59:25 -0800

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Beware the ITU in these sort of "me too" fads. The are a couple of
people who work there who have been doing this for over 15 years.
When every they get involved, priority #1 is their personal and ITU
agendas - not the agendas or needs of member states.

-----Original Message-----
From: funsec-bounces () linuxbox org 
[mailto:funsec-bounces () linuxbox org] On Behalf Of Gadi Evron
Sent: Thursday, November 15, 2007 5:28 AM
To: Paul Ferguson
Cc: funsec () linuxbox org
Subject: Re: [funsec] FYI: ITU Botnet Mitigation Toolkit

On Thu, 15 Nov 2007, Paul Ferguson wrote:

controlled without

the owners' knowledge. Criminals use the collective computing power 
and connected bandwidth of these externally-controlled networks for 
malicious purposes and criminal activities, including, inter alia, 
generation of spam e-mails, launching of Distributed Denial

of Service

(DDoS) attacks, alteration or destruction of data, and

identity theft.


The threat from botnets is growing fast. The latest (2007)

generation

of botnets such as Zhelatin (Storm Worm) uses particularly

aggressive

techniques such as fast-flux networks and striking back with DDoS 
attacks against security vendors trying to mitigate them. An 
underground economy has now sprung up around botnets, yielding 
significant revenues for authors of computer viruses, botnet 
controllers and criminals who commission this illegal

activity by renting botnets.


In response to this, ITU is developing a Botnet Mitigation

Toolkit to

help deal with the growing problem of botnets. Inspired by the 
Australian Internet Security Initiative (AISI), the toolkit

draws on

existing resources, identifies relevant local and international 
stakeholders, and takes into consideration the specific

constraints of developing economies.

The toolkit seeks to raise awareness among Member States of the 
growing threats posed by botnets and the linkage with criminal 
activities and incorporates policy, technical and social aspects of 
mitigating the effects of botnets. The first draft of the

toolkit will

be made available in December 2007, with pilot tests planned in a 
number of ITU Member States in 2008.

[snip]

Much more here:
http://www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html


I had a chat with some ITU people. The secretary general of 
the ITU told me I can relay that the ITU is working on 
security and cares about these issues. I am still at IGF but 
when I come back I will update more.


- - ferg

p.s. Thanks, you-know-who-you-are. :-)

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFHO7Qvq1pz9mNUZTMRApTlAKDbHztsHC73nj44nVuVXkkcWj8jbgCdE4kq
8W82k5+sG2DLCrj0O7EwhgM=
=8zPs
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRzyI/b/UEA/xivvmEQLAXQCgzKn4KvNq71cuGtxBoYSA9zh6YD0Ani6K
4tg/prf/0ak4KylrDPbbmdLx
=k/pR
-----END PGP SIGNATURE-----

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

FYI: ITU Botnet Mitigation Toolkit Paul Ferguson (Nov 14)
- Re: FYI: ITU Botnet Mitigation Toolkit Gadi Evron (Nov 15)
  - RE: FYI: ITU Botnet Mitigation Toolkit Barry Greene (bgreene) (Nov 15)