[afnog] [Fwd: Subject: drone armies C&C report - February/2006]
Gadi Evron
ge at linuxbox.org
Tue Feb 21 15:50:51 EAT 2006
Stephane Bortzmeyer wrote:
> On Tue, Feb 21, 2006 at 02:31:16PM +0200,
> Gadi Evron <ge at linuxbox.org> wrote
> a message of 15 lines which said:
>
>
>>I like that idea, perhaps we can scale it for the full-reports to
>>AS's?
>
>
> Yes!
I will investigate how we can do it.
In the recent BlackWorm/CME-24 incident we cooperated with the SANS ISC,
and were able to email AS's with a message containing a unique URL, so
that each ISP could access the information on suspect infected hosts on
their network.
Using RSS to feed real-time data sounds interesting for this indeed, but
also quite dangerous for centralizing everything to one network which
will be on the receiving end of non-stop attacks.
I will speak with the others and we will see if we can add it to the
TO-DO list.
Gadi.
--
http://blogs.securiteam.com/
"Out of the box is where I live".
-- Cara "Starbuck" Thrace, Battlestar Galactica.
More information about the afnog
mailing list