RE: drone armies C&C report - July/2005
Going further I think IL-CERT is doing a great service to the Internet community. Their alerts allow to responsible network admins to investigate and to preserve their networks clean of debris like spyware and trojans.
The point is that aged data is an eternity when you're talking about botnets, worms, zombies, c/c's, etc which is what made me wonder why it was being posted in the first step. A month is a long time in botland. Yes, I'm all for clean networks. Yes, IL CERT does as good a job as any CERT, I'm sure. -M<
Going further I think IL-CERT is doing a great service to the Internet community. Their alerts allow to responsible network admins to investigate and to preserve their networks clean of debris like spyware and trojans.
The point is that aged data is an eternity when you're talking about botnets, worms, zombies, c/c's, etc which is what made me wonder why it was being posted in the first step. A month is a long time in botland.
while i'm not the one posting it, i do see these summaries and i also see much of the raw data that's being summarized, in real time, as it's found and shared. AS owners/operators who want to get the data in real time have already been told to send <ge@linuxbox.org> some e-mail asking for it. the summaries are primarily useful for C&C's that are still alive a month later even though plenty of notices have been sent to the relevant NOC's. in other words it's sort of like defcon's "wall of sheep". i like the approach. -- Paul Vixie
participants (2)
-
Hannigan, Martin -
Paul Vixie