North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: short Botnet list and Cashing in on DoS
- From: Gadi Evron
- Date: Sat Oct 09 00:07:11 2004
Trouble? When they have 40K extra users to pay for bandwidth (easily
eats up a T1 or two), it's damage enough. Besides, would you like
someone to launch "cyber A-Bombs" (phaa) from your network?
Only when they do something about it.
And I know people who mail abuse reports for hundreds of such *lists*,
something /rarely/ gets done.
1. Worrying about personal privacy of their users, not wanting to bend
too many rules to fight these drones that *appear* like regular users.
Appear? If you own one of the blocks below, please do something about it.
One thing they focus on it taking down control web pages. For example if
the runner would give a command: 'update http://etc.com/evil.trojan.exe'
or if the drones spam themselves on irc.. then it's all about the abuse
teams. Some are really responsive, some just ignore.
Last time I took the time to inform ISP's about such a list was when it
was a 700 large army of *nix boxes. Haven't seen one of those for years
before that. It was 3 months ago or so.
It was rather funny really. Lesson learned: don't use hostnames like
"securebox" or "secureserver1" or such.
sadsa``` ~firstname.lastname@example.org Don't Touch Me
`o`hj`h` ~email@example.com Don't Touch Me
TaiFrunze ~firstname.lastname@example.org Don't Touch Me
I try and take care personally of drones and abusers I see coming from
Israel.. it's way too much work and annoyance as it is, thanks though.
Most ISP's truly don't want this as their own problem. I personally
don't blame them. Luckily the ISP I work for has no home users.
If you have any problem in Israel, whether with finding a contact or
reaching law enforcement - feel free to email me and I'd be glad to find
you a contact.