[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Botnet hunting resources
Jack Bates wrote:
> J.D. Falk wrote:
>> Hi, Luke! MAAWG recently published a document to help ISPs deal with
>> infected machines in their networks. It's not the same kind of
>> pressure, but (as we learned with open relays at MAPS) pressure isn't
>> very effective unless there are tools available to deal with the problem.
>
> It could also use a lot more resources? Watching traffic flows for
> traffic destined to known C&C addresses is nice, but including a pointer
> to a resource that actually gives those addresses is much more useful.
> For those who don't deal with it every day, the document just says they
> need to spend even more time with google.
I'll share your comments with the document authors. They're treating it as
a living document, with updates expected regularly.
--
J.D. Falk
Return Path Inc
http://www.returnpath.net/