i am not a list moderator, but i do have a request
which is, please move these threads to a non-SP mailing list. R [ 41: Danny McPherson ] Re: mitigating botnet C&Cs has become useless R [ 22: "Laurence F. Sheldon] R < 45: Danny McPherson > R [ 62: "Laurence F. Sheldon] R [ 162: "J. Oquendo" ] Re: [Full-disclosure] what can be done with botnet C&C's? R < 211: "Payam Tarverdyan Ch> R [ 66: Michael Nicks ] i already apologized to the moderators for participating in a non-ops thread here. there are plenty of mailing lists for which botnets are on-topic. nanog is not one and should not become one. nanog has other useful purposes. -- Paul Vixie
which is, please move these threads to a non-SP mailing list.
R [ 41: Danny McPherson ] Re: mitigating botnet C&Cs has become useless R [ 22: "Laurence F. Sheldon] R < 45: Danny McPherson > R [ 62: "Laurence F. Sheldon] R [ 162: "J. Oquendo" ] Re: [Full-disclosure] what can be done with botnet C&C's? R < 211: "Payam Tarverdyan Ch> R [ 66: Michael Nicks ]
i already apologized to the moderators for participating in a non-ops thread here. there are plenty of mailing lists for which botnets are on-topic. nanog is not one and should not become one. nanog has other useful purposes. -- Paul Vixie
I second that emotion. Chris Jester Suavemente, INC. SplitInfinity Networks 619-227-8845 AIM: NJesterIII ICQ: 64791506 NOTICE - This e-mail and any files transmitted with it are confidential and are only for the use of the person to whom they are addressed. If you are not the intended recipient you have received this e-mail in error. Any use, dissemination, forwarding, printing, copying or dealing in any way whatsoever with this e-mail is strictly prohibited. If you have received this e-mail in error, please reply immediately by way of advice to us. It is the addressee/recipient duty to virus scan and otherwise test the information provided before loading onto any computer system. Suavemente, INC. does not warrant that the information is free of a virus or any other defect or error. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Suavemente, INC.
Paul Vixie wrote:
which is, please move these threads to a non-SP mailing list.
R [ 41: Danny McPherson ] Re: mitigating botnet C&Cs has become useless R [ 22: "Laurence F. Sheldon] R < 45: Danny McPherson > R [ 62: "Laurence F. Sheldon] R [ 162: "J. Oquendo" ] Re: [Full-disclosure] what can be done with botnet C&C's? R < 211: "Payam Tarverdyan Ch> R [ 66: Michael Nicks ]
i already apologized to the moderators for participating in a non-ops thread here. there are plenty of mailing lists for which botnets are on-topic. nanog is not one and should not become one. nanog has other useful purposes.
We have already enough botnets DoSsing the net. We dont need nondisclosed botlists DoSsing this forum. We both agree Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de mail: peter@echnaton.serveftp.com http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/
On Aug 13, 2006, at 1:02 PM, Paul Vixie wrote:
which is, please move these threads to a non-SP mailing list.
R [ 41: Danny McPherson ] Re: mitigating botnet C&Cs has become useless R [ 22: "Laurence F. Sheldon] R < 45: Danny McPherson > R [ 62: "Laurence F. Sheldon] R [ 162: "J. Oquendo" ] Re: [Full-disclosure] what can be done with botnet C&C's? R < 211: "Payam Tarverdyan Ch> R [ 66: Michael Nicks ]
i already apologized to the moderators for participating in a non- ops thread here. there are plenty of mailing lists for which botnets are on- topic. nanog is not one and should not become one. nanog has other useful purposes.
Interestingly enough, I lurk here 99.999% of the time. I comment on this thread and folks ask to move it to a non-SP mailing list? Perhaps non-operational, but this certainly has direct implications on SPs and I'm of the opinion it's quite relevant - well, certainly as relevant as the past recent threads: SORBS Contact New Latop Policies Fingerprinting and SPAM ID MPLS Gear for Outside Plant [perhaps] Fedex Contact Citrix Load-balancing Detecting Parked Domains I suppose it's more "what I feel like reading and sending email about", as opposed to whether/what's on topic or not. I'm done with this thread on NANOG - else the slew of "me too" responses on this "list moderator" thread will divert attention from alternative cruft... Wondering if I should send a message to NANOG every time I see a thread of questionable NANOG relevance, -danny
Dear all, On So, 2006-08-13 at 15:17 -0600, Danny McPherson wrote:
Interestingly enough, I lurk here 99.999% of the time. I comment on this thread and folks ask to move it to a non-SP mailing list? Perhaps non-operational, but this certainly has direct implications on SPs and I'm of the opinion it's quite relevant - well, certainly as relevant as the past recent threads:
i waited to view, where this discussion will go, but that's exactly the point. In my opinion, it's really interesting and necessary to be informed about topics like botnets. It would be a failure, when this topics won't be discussed anylonger on this list. Also it isn't that a big problem, to filter topics for himself for relevance or of no relevance. Just my two cents. Regards Thomas Kuehling -- Thomas Kuehling - TK2325-RIPE Hoehestrasse 28 - 61348 Bad Homburg vor der Höhe - Hessen Jahnstrasse 6 - 26219 Boesel - Niedersachsen
On 13 Aug 2006, Paul Vixie wrote:
which is, please move these threads to a non-SP mailing list.
R [ 41: Danny McPherson ] Re: mitigating botnet C&Cs has become useless R [ 22: "Laurence F. Sheldon] R < 45: Danny McPherson > R [ 62: "Laurence F. Sheldon] R [ 162: "J. Oquendo" ] Re: [Full-disclosure] what can be done with botnet C&C's? R < 211: "Payam Tarverdyan Ch> R [ 66: Michael Nicks ]
i already apologized to the moderators for participating in a non-ops thread here. there are plenty of mailing lists for which botnets are on-topic. nanog is not one and should not become one. nanog has other useful purposes.
Paul, apparently, we are in disagreement! :) Botnets are an operational issue affecting most of every large carrier to moms&pops service provider here. I believe a lot of the information about botnets, which is not that complex, is behind held in secret for no reason, and I release it when possible. Most importantly, though, this discussion has not devolved into personal accusations, unrelated issues or flames. It is still on-track for what is being discussed and as most members are expected, not just need to, deal with the issue, they are chiming in. Those who are not interested in this on-topic subject for so many here, should just start another. No one can be expected to be interested in everything. This is probably one of the more active and interesting discussions in the past year which are ON-TOPIC. Now, unless we discuss reverse engineering, sandboxing or perhaps encryption, how are botnets, DDoS created by botnets and botnet mitigation, plus ISP-wide handling not on-topic? Now tell me, aside to BGP issues, etc. how many people here have had to deal with DDoS, botnets, C&C killing and tracking, etc.? on a daily bases? How many here are interested in understanding operational implications, and then actual things that can be implemented on networks to combat the problem? As this is one of the closest issues related to net-ops discussed here this year, I'd suggest picking more on-topic subjects in general. This is a meta discussion, so I suppose according to the guidelines it should be taken to nanog-futures where we can <beep> about it for a week? Thanks, Gadi.
On Thu, Aug 17, 2006 at 02:48:01PM -0500, Gadi Evron wrote:
Paul, apparently, we are in disagreement! :)
Botnets are an operational issue affecting most of every large carrier to moms&pops service provider here.
I believe a lot of the information about botnets, which is not that complex, is behind held in secret for no reason, and I release it when possible.
...
This is probably one of the more active and interesting discussions in the past year which are ON-TOPIC.
If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations. -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
I have to agree... I joined this list a few weeks ago, and am pretty sad at the garbage I have to sift through. It's more of a FLAME Thrower if you ask me. I'm giving it another few days, and I'm off to looking for other lists that are much more useful than this deal here. Robert Hantson CTO/CIO - Network Operations QBOS, Inc. Dallas, TX -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Richard A Steenbergen Sent: Thursday, August 17, 2006 3:15 PM To: Gadi Evron Cc: nanog@merit.edu Subject: Re: i am not a list moderator, but i do have a request On Thu, Aug 17, 2006 at 02:48:01PM -0500, Gadi Evron wrote:
Paul, apparently, we are in disagreement! :)
Botnets are an operational issue affecting most of every large carrier
moms&pops service provider here.
I believe a lot of the information about botnets, which is not that complex, is behind held in secret for no reason, and I release it when possible. ... This is probably one of the more active and interesting discussions in
to the
past year which are ON-TOPIC.
If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations. -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
On Thu, 17 Aug 2006, Richard A Steenbergen wrote:
On Thu, Aug 17, 2006 at 02:48:01PM -0500, Gadi Evron wrote:
Paul, apparently, we are in disagreement! :)
Botnets are an operational issue affecting most of every large carrier to moms&pops service provider here.
I believe a lot of the information about botnets, which is not that complex, is behind held in secret for no reason, and I release it when possible.
...
This is probably one of the more active and interesting discussions in the past year which are ON-TOPIC.
If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations.
Who is stopping you? Either to raise subjects you deem apropriate, or to start another list? The fact this thread is more successful than most others is in my opinion an indicator of interest. That said.. What's operational to some may not be operational to others. That said, either raise a subnject, contribute to one, or ignore the ones youdon't like unless they are declared off-charter. No? Gadi.
-- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
On Thu, 17 Aug 2006, Gadi Evron wrote:
On Thu, 17 Aug 2006, Richard A Steenbergen wrote:
If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations.
Who is stopping you? Either to raise subjects you deem apropriate, or to start another list?
How many people asking nicely will it take before you take the hint? Why don't _you_ start another list. IIRC, you already have. Please consider using it, since I am pretty sure there's no question as to whether you'd be on-topic there. Thanks! matto --matt@snark.net------------------------------------------<darwin>< Moral indignation is a technique to endow the idiot with dignity. - Marshall McLuhan
On Thu, 17 Aug 2006 16:15:25 EDT, Richard A Steenbergen said:
If this is all we have to talk about and it is on-topic, then NANOG has failed, and we need a new list where people can actually discuss network operations.
Admittedly, discussions about how to mitigate a botnet are less on topic than discussing how to fix a BGP wedgie. On the other hand, it's very hard to launch a DDoS big enough to need mitigating unless you have a botnet to launch it from. Even Mafiaboy knew that one. So if you get rid of the botnets, you get rid of the 2AM alerts that a DDoS is in progress. And 2AM alerts are operational, at least in my book.
participants (10)
-
Chris Jester
-
Danny McPherson
-
Gadi Evron
-
Matt Ghali
-
Paul Vixie
-
Peter Dambier
-
Richard A Steenbergen
-
Robert J. Hantson
-
Thomas Kuehling
-
Valdis.Kletnieks@vt.edu