Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Dismantling Botnets?

from [Bryan Allen] Network Security [Permanent Link]
Subject: Re: Dismantling Botnets?
Date: Wed, 19 Oct 2005 12:42:19 -0400 

On Oct 18, 2005, at 10:58 PM, steven@lovebug.org wrote:

Is there a place where current information can be given and it will truly
be investigated and action will be taken? For example, in the past few
days I have come across multiple botnets of 30,000-50,000 on each server.
In one case I even suspect that the hosting provider might be facilitating
the activity. For that reason alone I have avoided reporting this to the
hosting provider. Is there a government source that actually takes the
information, investigates it, and will actually make something happen? I
think many of us have read the DDoS story on GRC.com before. This guy was
actively being attacked and located the live botnet and still couldn't get
the authorities to do anything (IIRC). Has anything changed since then?


If you are a university, there is UNISOG (unisog.org), which is a closed group of infosec people working at depts all over the world and sharing information.

As for corporations, not sure. The problem with that is once you start handing that information out, it's also there for the C&C owners to use. "Oh, that one's been discovered and is being blocked by lots of people, time to pop another box and shift controllers."

As for companies that are actually hosting botnets... the BBB? ;-)
--
Bryan Allen
bda@mirrorshades.net
http://bda.mirrorshades.net
Cyberpunk is dead. Long live cyberpunk.



[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Odd Increase in Malformed Packets Aimed at Port 0, Geo.
Next by Date:  SSH bruteforce on its way..., Volker Tanger
Previous by Thread:  Dismantling Botnets?, steven
Next by Thread:  Re: Dismantling Botnets?, Thorsten Holz
Indexes:  [Date] [Thread] [Top] [All Lists]