nanog mailing list archives
Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking
From: Sean Donelan <sean () donelan com>
Date: Mon, 23 Jul 2007 16:17:39 -0400 (EDT)
On Mon, 23 Jul 2007, Chris L. Morrow wrote:
So, to back this up and get off the original complaint, if a service provider can protect a large portion of their customer base with some decent intelligence gathering and security policy implementation is that a good thing? keeping in mind that in this implementation users who know enough and are willing to forgoe that 'protection' (for some value of protection) can certainly circumvent/avoid it.
Joe St Sauver covers some of these topics. http://www.uoregon.edu/~joe/zombies.pdfShould ISPs attempt to block Bot Command and Control connections (which is more general than just IRC C&C Bots), assuming ISPs try to avoid "legitimate" servers although mistakes might happen?
Current thread:
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Paul Ferguson (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Tuc at T-B-O-H.NET (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Chris L. Morrow (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Suresh Ramasubramanian (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Chris L. Morrow (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Tuc at T-B-O-H.NET (Jul 23)