Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: What to do with bot networks
From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 03 Dec 2004 12:52:05 -0600

--On Friday, December 03, 2004 12:27:20 PM -0500 Conor Sibley <csibley () gmail com> wrote:

-Do I disable the network
This is a huge network that is likely used for DDOSing.  If you've
ever been DOSed... it sux.

-Do I report to ISP or authorities
The ISP is in an eastern European country and I don't know if the
local authorities would do anything let alone care.

-Do I do nothing
This option sucks but it sure is the easiest

The answer to this question is inversely proportional to the amount of time you have to screw with it.

case "$1" in
   echo $"Usage: 0$ {no_time|some_time|lots_of_time}"
   exit 1

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]