On Aug 4, 2006, at 12:00 AM, bmanning@vacation.karoshi.com wrote:
useless...
perhaps. i'm partly of the mind that botnets, p2p networks, manets, and other self-organizing systems are the "wave" of the future (or even the present) and the technologies, per se, are not inherently "evil" or even bad.
Well, that clearly depends on your prescription for "self-organizing". I certainly wouldn't categorize the botnets I'm referring to as self- organizing, in particular when they're being employed in a _very organized manner - most always unbeknownst to each systems ultimate owner, and more and more often in such a way that allows A botherder to employ them for an ever-expanding array of malicious activities.
imho, it is short sighted to try and curtail, mitigate, and eradicate these types of technologies - its kind of like trying to kill off SMTP because it only sends spam, FTP because its only used to distribute PR0N... and HTTP because its only used by peadophiles stalking my daughters on MySpace...
better to understand how these things are used and figure out how to determine INTENT and then filter on that instead of technological eradication.
Right, hence my point. By and large, SPs don't have the time or resources to police the greater Internet, and therefore, they respond in a very reactive fashion when some malicious activity *that* warrants action dictates. Taking out known botnet C&C infrastructure is more proactive and at least from my perspective, continues to yield a discernible impact. It's all about ROI - and anything more than reactionary measures only moves them further from profitability. Putting solutions in place that allow the SPs to recoup costs associated with playing sysadmin for customers are the only way they'll be able to give dedicated focus to the problem.
just my contrarian 0.02 rupias.
I'd expect no less Bill :-) -danny