Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Are botnets relevant to NANOG?

  • From: Fergie
  • Date: Fri May 26 18:45:32 2006

Not effective against botnets.

Think of it this way, thousands of compromised hosts (zombies),
distributed to the four corners of the Internet, hundreds (if
not thousands) of AS's -- all recieving their instructions via
IRC from a C&C server somewhere, that probably also may change
due to dynamic DNS, or pump-and-dump domain registrations, or
any other various ways to continually move the C&C.

Simply going after (what may _seem_to_be_) the last-hop router
is like swinging a stick after a piņata that you can't actually
reach when you are blind-folded. :-)

- ferg


-- Peter Dambier <peter@peter-dambier.de> wrote:

Just an afterthought, traceroute and take the final router. I guess for
aDSL home users you will find some 8 or 11 routers in germany. My final
router never changes. Of course there can hide more than one bad guy
behind that router.

[snip]


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg@netzero.net or fergdawg@sbcglobal.net
 ferg's tech blog: http://fergdawg.blogspot.com/





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.