<upcoming-getting-old-birthday-ramble>

While on another list (security list that some of you guys are on) there is a discussion about a particular botnet that the "BP approach" of containment is occurring. Not a big deal, we've all seen them from time to time.

I read with interest on how volunteers are scrambling to contain this botnet. Mind you, most of us work and do this (security tidbits) at the same time while we work. Many of us do it for self-satisfaction, for learning, for maybe naively thinking we can help make the net a better place (INSERT_SAPPY_SONG_THERE).

I just can't help but take the 50k foot view here... Why is it that network operators can't work together on instances like this and have a "botnet killswitch" framework in order? Now I know I will see the ramblings of "Why should I waste my time (spend my money)" or "This is not an operational post take a hike" and other similar postings; however, this IS related to 'many-a-networks' that could be avoided. RFP anyone.. Botnet Mitigation for Networks surely collectively it would and CAN work.

Is it going to take an act of someone 'pwning' everyone's account here before someone else says: "We should work together" or will it go in one ear and out the other while misfits run around emptying out accounts, causing businesses to go under?

Some of you guys have the most amazing minds and have literally been the glue for what we use (the Internet) and some have been the laziest admins I've seen on the planet. Surely even a minimal framework to submit "validated" botnet distribution sites is something everyone can collectively do. Nipping at the head surely minimizes the overall damage these things are doing.

Now I do know some would come back and state the oft-said "Why bother! ... Dude fast-flux, etc." We know... To those, why respond? How about solutions from those who are controlling how traffic on the net flows?

</upcoming-getting-old-birthday-ramble>

-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT

"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things differently."
- Warren Buffett

227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E