On Fri, Oct 7, 2011 at 2:11 PM, Joly MacFie <joly@punkcast.com> wrote:
Botnets buying up IPv4 address space
http://j.mp/nMJ5Lr (Threat Post)
I'd welcome comments as to solutions to this. Or is it just scaremongering?
Joly, The author has drawn a relationship between a lot of unrelated things. Hackers and spammers "rent" IP addresses all the time, and have done so for two decades. It's called, "Here's my money for colo hosting service and I need some IP addresses to go along with it." Nothing has changed as a result of IPv4 depletion. Botnets are hacked machines. They come with their own IP addresses scattered about the globe and don't require any particular source. No relation to IPv4 depletion and only tangentially related to the "bulletproof hosting" that supplies IP addresses for the C&C servers. As for auctioning IP blocks, my experience is that hackers don't bother. If they want IP addresses beyond what the colo provider offers, they steal them: find a block of addresses not routed on the public Internet and forge LoAs they present to their ISP. They're going to lose them anyway, so why bother paying money? Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.comĀ bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004