Thread: RFC: public efforts in the botnets realm




RFC: public efforts in the botnets realm
user name
2006-05-22 07:11:36
Hi, this is an FYI. A discussion will now commence on the DA list to try
and measure if public efforts are indeed a good idea, and how much good
vs. bad they cause in the fight against botnets, distributed denial of
service attacks, Internet survivability and online crime, as it can
indeed be measured.

I would also like the community's opinion on the subject at hand, so that
we can relay it and make a more client-oriented decision (take the needs
of the community into consideration as well).

Thanks,

	Gadi.

---------- Forwarded message ----------
Date: Mon, 22 May 2006 02:02:48 -0500 (CDT)
From: Gadi Evron <gelinuxbox.org>
To: <closed botnets list>
Subject: public efforts

Hi guys. Our public efforts in the botnet realm thus far consist
of *mainly*:
1. The monthly C&C report.
2. Public botnet reporting to us.
3. Public discussion list.

The monthly report is now largely accepted by most in the net-ops
community as reliable, and it meets the test of scrutiny. We had some
early bumps on how we represent data, what data we want to show and what
information we want to deduce from it - but I think we are there now.

Public botnet reporting to us is going great. I stopped relaying them to
the list as it is extremely time consuming for me, but they are dealt
with. As soon as a volunteer who doesn't just want to talk to the press
and take them off my back but also do this work comes along, we will get
these again here too.

The public discussion list has in my opinion brought an immense public
awareness, law enforcement interest and industry work. Little to no new
information was divulged there that the Bad Guys would not already know
with their gigs of bot sources and exchange networks (not to mention
support web forums). That's just my opinion, feel free to chime in.

The monthly reports are great, as is getting data from the public of
net-ops and sys-admins. The discussion list is on a tight leash, but I
would like those of you who have been monitoring it and disagree with me
to do so here and tell us why we failed there.

If we indeed see the botnets list as a success, I would like us to move
forward and divulge more redundant already public information to the
public, and help move the cause along further than by classifying every
bit of useless information as top secret.

Thanks, I am looking forward to your input,

	Gadi.

--
"In a good cause, there are no failures, only delayed successes".
	~Isaac Asimov, "In a Good Cause".
