On Aug 15, 2005, at 9:39 PM, Hannigan, Martin wrote:
the summaries are primarily useful for C&C's that are still alive a month later even though plenty of notices have been sent to the relevant NOC's. in other words it's sort of like defcon's "wall of sheep". i like the approach.
Wall of sheep certainly is humorous, but IL CERT using this data as a shaming mechanism is, well, a shame.
Why you associate IL CERT with this is confusing to others. I am confident that you know there is little or no connection. We all have employers. You, me and Gadi included. ;-) Many of us choose to work to make the Internet a better place or at least make it as safe as it were before we signed on. I don't like having to worry about my mom being phished or my sisters' laptop taking part in a global botnet. If this kind of work falls within the guidelines of our employment; great. If not; that's why there are groups like this. For purely operational activities there are lists and fora to foster that. This is different. This is about turning the tide and not simply reacting and mitigating after the fact. I certainly don't speak for Gadi or the group so I'll stop there.
Once the NOC engages in an excercise of futility based on that list, it will never be read again and the effort ends up being more futile, which is another shame. It's a good project, but it got ripe before it was ready, IMO.
There was nothing actionable in the list posted. Any NOC that engages in anything besides a request to be notified in the future would be confounding. Thanks, David