On Tue, 24 Jul 2007, Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- -- Christopher Morrow <christopher.morrow@verizonbusiness.com> wrote:
I'd love to see CPE dsl/cable-modem providers integrate with a 'service' that lists out 'bad' things. it'd be nice if the user could even tailor that list (just C&C or C&C + child-porn or C&C older not than X days/hours/minutes) ... I think it might even help, and be vendor
agnostic (from a provide and hardware) perspective.
Ironically, that is exactly part of a product announcement that we (Trend Micro) are making on 30 July.
neat, if only our marketting folks would see such benefits :( good for you! :)
Since this topic arose, I saw Trend mentioned as a possible product "culprit" in this scenario, but it isn't. Yet. :-)
not a culprit so much as a way that this sort of dns redirection could have been done, in a vendor supplied/supported device even.
The particular service to be announced on Monday (BIS, or Botnet Identification Service), is nothing more than a BGP feed of _known_ and _vetted_ botnet C&Cs as /32s, intended to be a black-hole feed.
Interested folks should either e-mail me off-list, or just wait for the official announcement on 30 July.
note that this will take out vhost systems... unless they are vetted off the list, which is certainly possible of course.