RE: IRC Bot list (cross posting)
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Bill Nash Sent: Wednesday, February 09, 2005 12:37 AM To: william(at)elan.net Cc: nanog@nanog.org Subject: Re: IRC Bot list (cross posting)
You don't mass an army if you're not about to use it. This situation can (very quickly) have operational relevance. Bringing it to light to a wider forum than special interest groups is a good idea.
You'd certainly care more if it was pointed at you.
- billn
Bill, haven't we been here before? :) There's TWO places that are doing this botnet stuff and the NANOG AUP discourages cross posting. I for one certainly don't want yet another list full of botnet stuff.
On Wed, 9 Feb 2005, Hannigan, Martin wrote:
Bill, haven't we been here before? :)
There's TWO places that are doing this botnet stuff and the NANOG AUP discourages cross posting.
I for one certainly don't want yet another list full of botnet stuff.
And I'm not subscribed to either. Yet, I've no less than a /19 of space under my purview and I don't believe that publishing botnet lists in the manner that has been done is either off topic, or off charter. Some of us, as hosting providers or similiar entities, have network costs to keep to a minimum. For those of us with security concerns, a heads up to compromised hosts within our bailiwick will *always* be appreciated. Yes, we've been here before. I'm not sure what the view is like from your horse, but I imagine it's very different from mine, since my job security is based on performance, not monopoly backing. This kind of topical suppression is as bad as draconian moderation. In the years I've been subscribed to nanog, I've taken a very simple stance to threads I'm not interested in: I ignored them. I highly suggest you do the same, because frankly, I'm rapidly tiring of your condescension. What exactly is it that makes your viewpoint more important than mine? Based on the simple evidence that you're literate, I'm going to guess that you can read, and delete, an accurately described thread by interpreting the subject line. Various persons put forth some amount of effort to, graciously, give other operators a heads up to the ongoing/potential abuse of their networks, and you're concerned about topical relevance? Why aren't you, in the least, THANKING them for their efforts? Maybe it's because these thousands of drones are being used to pump out spam across the internet, which may require (at some point) some form of domain registration at the end site pushing whatever product, which at later trickles into Verisign's coffers? If you're not going to be part of a productive solution, do us a favor and stop getting in the way of people actually trying to do something useful. - billn
Bill Nash wrote:
Various persons put forth some amount of effort to, graciously, give other operators a heads up to the ongoing/potential abuse of their networks, and you're concerned about topical relevance? Why aren't you,
Aside to if botnet issues were discussed here, it would flood the list beyond usability - I am all for that. Why is it a bad idea then? Because not all of us are Bill Nash who won't pwn a user. Gadi.
On 02/09/05, Bill Nash <billn@billn.net> wrote:
And I'm not subscribed to either. Yet, I've no less than a /19 of space under my purview and I don't believe that publishing botnet lists in the manner that has been done is either off topic, or off charter. Some of us, as hosting providers or similiar entities, have network costs to keep to a minimum. For those of us with security concerns, a heads up to compromised hosts within our bailiwick will *always* be appreciated.
That's why you make 24x7 contact info available to your peers.
If you're not going to be part of a productive solution, do us a favor and stop getting in the way of people actually trying to do something useful.
The productive solution is for reporters of badness within your network to contact your NOC directly, rather than posting here in hopes that you're paying attention. -- J.D. Falk uncertainty is only a virtue <jdfalk@cybernothing.org> when you don't know the answer yet
There's TWO places that are doing this botnet stuff and the NANOG AUP discourages cross posting.
I for one certainly don't want yet another list full of botnet stuff.
And I'm not subscribed to either. Yet, I've no less than a /19 of space under my purview and I don't believe that publishing botnet lists in the manner that has been done is either off topic, or off charter.
i suppose that at some level, the idea of topic-specific mailing lists is just a bad idea and keeps us all in the dark on most topics. wouldn't it be better to just post everything everywhere and make everybody read everything? wait, wait, i have a better idea. if you have a /19 worth of space and...
Some of us, as hosting providers or similiar entities, have network costs to keep to a minimum. For those of us with security concerns, a heads up to compromised hosts within our bailiwick will *always* be appreciated.
...you really care about botnet reports, then why not subscribe to nsp-sec@ or da@ where such reports are published all damned day long every day. if you ONLY subscribe to nanog@, you're missing a HUGE number of botnet reports. -- Paul Vixie
participants (7)
-
Bill Nash -
Gadi Evron -
Gadi Evron -
Hannigan, Martin -
J.D. Falk -
Michael Loftis -
Paul Vixie