nanog mailing list archives
Re: Ethical DDoS drone network
From: "Justin M. Streiner" <streiner () cluebyfour org>
Date: Sun, 4 Jan 2009 21:31:46 -0500 (EST)
On Sun, 4 Jan 2009, Jeffrey Lyon wrote:
Say for instance one wanted to create an "ethical botnet," how would this be done in a manner that is legal, non-abusive toward other networks, and unquestionably used for legitimate internal security purposes? How does your company approach this dilemma?
The company I work for has not approached this particular dilemma yet.I'm not sure what legitimate internal security purposes you're looking to fulfill, but I think you need to ask yourself a few questions first (not an all-inclusive list, but food for thought nonetheless):
1. What is the purpose of this legit botnet? In other words, what business objective does it achieve?
2. Do you have the people in-house to write the software, or would you be willing to take a chance on using something that exists 'in the wild'? Depending on how security-minded your shop is, your corporate security folks and legal counsel might take a dim view toward using untrusted software on your internal network, especially if source code is not available. That particular monster can get out of control very quickly.
3. Do you have a sufficient number of machines that are controlled by you to populate this botnet and achieve my goals (see point 1)?
4. How will this botnet be isolated from the rest of your internal network, and would that isolation limit or even negate the botnet's usefulness?
5. If the answer to question 4 is "no isolation", how will you demonstrably control the botnet's propagation?
6. Depending on the answer to question 5, there might be regulatory compliance (HIPAA, FERPA, GLB, SOX, internal security/privacy policies, contractual obligations, etc...) issues to consider.
Our company for instance has always relied on outside attacks to spot check our security and i'm beginning to think there may be a more user friendly alternative.
Infection, even for ethical purposes, is still infection. jms
Current thread:
- Ethical DDoS drone network Jeffrey Lyon (Jan 04)
- Re: Ethical DDoS drone network Zach (Jan 04)
- Re: Ethical DDoS drone network Paul Ferguson (Jan 04)
- Re: Ethical DDoS drone network macbroadcast (Jan 04)
- Re: Ethical DDoS drone network Justin M. Streiner (Jan 04)
- Re: Ethical DDoS drone network John Kristoff (Jan 04)
- Re: Ethical DDoS drone network Gadi Evron (Jan 04)
- Re: Ethical DDoS drone network Zach (Jan 04)
- Re: Ethical DDoS drone network bmanning (Jan 04)
- Re: Ethical DDoS drone network James Hess (Jan 04)
- Re: Ethical DDoS drone network Gadi Evron (Jan 04)
- RE: Ethical DDoS drone network BATTLES, TIMOTHY A (TIM), ATTLABS (Jan 05)
- RE: Ethical DDoS drone network Edward B. DREGER (Jan 05)
- RE: Ethical DDoS drone network BATTLES, TIMOTHY A (TIM), ATTLABS (Jan 05)
- Re: Ethical DDoS drone network Jack Bates (Jan 05)
- Re: Ethical DDoS drone network Roland Dobbins (Jan 05)
- RE: Ethical DDoS drone network Edward B. DREGER (Jan 05)