Re: Operation Ghost Click

[Richard Barnes <richard.barnes () gmail com>]

ISPs in the Netherlands have had a "botnet treaty" in effect since
2009, which calls for blocking, user notification, and inter-ISP
information sharing.
<http://ripe59.ripe.net/presentations/huijbregts-botnet-convenant.pdf>
<http://www.darkreading.com/blog/227700601/dutch-isps-sign-anti-botnet-treaty.html>

I don't have any data about how effective it's been, though.



On Tue, May 1, 2012 at 8:26 AM, Livingood, Jason
<Jason_Livingood () cable comcast com> wrote:
> On 4/26/12 10:03 PM, "Jeff Kell" <jeff-kell () utc edu> wrote:
>
> > And what about the millions of users unknowingly infected with
> > "something else" ??
> >
> > (We have enough trouble isolating/remediating issues among our
> > relatively small user base, I'd hate to be facing a major ISP size
> > support/remediation effort...)
> >
> > Does anyone have a plan?
>
> Well, there's the new botnet code of conduct think (Mike O'Reirdan can
> chime in with more info here). Plus ISPs like the one I work at (Comcast)
> have been doing bot notification and remediation for some time now. I know
> other ISPs have different approaches, and so different bot programs, but
> the majority of them are doing something (with a few exceptions).
>
> Jason