Re: mitigating botnet C&Cs has become useless
----- Original Message Follows ----- From: Barry Shein <bzs@world.std.com>
That's all fine and dandy until you consider the international base of these things. I'd like to see
a meeting at the Massachussets state house probably around 1998 and being shouted down by this reasoning for a few minutes.
Believe it or not spam is not the only internationalized problem on this planet. There's drug trade, actual high-seas piracy, slave trade, phone fraud, investment fraud, and on and on.
So the usual snappy response is: And look how well we do with all that!
Well, yes, you can make the best the enemy of the good. But there's a logical fallacy involved in trying to extrapolate that to "so therefore we should do nothing".
I did not mean to shout anyone down by saying what I did and trying to extrapolate to 'therefore we should do nothing'. I also did not mean to imply sloppy writing. For sure, it's more my misunderstanding than either of those. Also, it was an interesting article. I only meant that meatspace asskicking probably won't get us very far, especially in light of current intercountry cooperation. Also, wouldn't it just teach them what countries to focus their efforts on similar to the context of the article? I just hope to inject that there has to be a technical way to do this, rather than a diplomatic way as the diplomatic ways historically have not worked in the other areas mentioned, so they probably won't work here, either. Or we have to keep going until one can be contrived. Many good attempts have been made and there will be more to come until we hopefully rid ourselves of the sickness others of lower values force on us daily. scott (quickly putting on flameproof underware... ;)
On August 1, 2006 at 11:50 surfer@mauigateway.com (Scott Weeks) wrote:
... there has to be a technical way to do this, rather than a diplomatic way as the diplomatic ways historically have not worked in the other areas mentioned, so they probably won't work here, either. Or we have to keep going until one can be contrived. Many good attempts have been made and there will be more to come until we hopefully rid ourselves of the sickness others of lower values force on us daily...
I have nothing against technical solutions tho after over ten years of a lot of smart people trying, and a grand prize of probably a billion dollars increase in personal wealth, it doesn't seem forthcoming. However, I do take exception to the assertion that "diplomatic ways historically have not worked in other areas mentioned". I think what you mean is that they haven't worked perfectly, but slipped the semantics a little. Surely you didn't mean to say that all efforts to oppose, e.g., the human slave trade have been in vain? The effectiveness has a lot to do with the profitability making the risk worthwhile (e.g., drug trade), and who the crime appeals to; some poor, desparate people will take risks others won't (e.g., high-seas piracy.) Unfortunately all this reasoning might be edifying but it leads nowhere. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Login: Nationwide Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
Barry Shein wrote:
On August 1, 2006 at 11:50 surfer@mauigateway.com (Scott Weeks) wrote:
... there has to be a technical way to do this, rather than a diplomatic way as the diplomatic ways historically have not worked in the other areas mentioned, so they probably won't work here, either. Or we have to keep going until one can be contrived. Many good attempts have been made and there will be more to come until we hopefully rid ourselves of the sickness others of lower values force on us daily...
I have nothing against technical solutions tho after over ten years of a lot of smart people trying, and a grand prize of probably a billion dollars increase in personal wealth, it doesn't seem forthcoming.
Let me try to become Gadi. First of all block port 80 (http) :) Next block port 53 udp (dns). Now you have got rid of amplification attacks because spoofing does no longer work and you have got rid of all those silly users that only know how to click the mouse. Put every client leaking netbios into a sandbox. Dont allow them anything but logon :)
However, I do take exception to the assertion that "diplomatic ways historically have not worked in other areas mentioned".
I think what you mean is that they haven't worked perfectly, but slipped the semantics a little. Surely you didn't mean to say that all efforts to oppose, e.g., the human slave trade have been in vain?
The effectiveness has a lot to do with the profitability making the risk worthwhile (e.g., drug trade), and who the crime appeals to; some poor, desparate people will take risks others won't (e.g., high-seas piracy.)
Unfortunately all this reasoning might be edifying but it leads nowhere.
Cheers Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de mail: peter@echnaton.serveftp.com http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/
participants (3)
-
Barry Shein
-
Peter Dambier
-
Scott Weeks