Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
November 10, 2007, 4:16 pm
rate this thread
criminal controlled botnet infrastructure. A "white hat" botnet
programmed to DDOS the individual zombie computers of a criminal botnet.
Several alternate techniques may provide the means to acheive this end.
Attaching to a project such as HoneyNet provides an existing
infrastructure to get the project rolling in short order. A competing
solution would be to create a new project called BotBrigade which mimics
existing botnet behaviour. The BotBrigade would be a decentralized
infrstructure, and this method presents the best resilience thus using
the criminal's tools against the criminal! These computers would share
the IP addresses culled from victimized hosts, The BotBrigade would
cross-reference the IP address of a BotBrigade DDOS target (a criminal
controlled zombie) from at least three different source BotBrigade Traps
(a computer reporting the IP source address of spam).
50 BotBrigade zombie computers could cripple the Internet connection of
one criminal controlled zombie. Let the owner of the criminal controlled
zombie call their ISP to inquire about the Internet connectivity
failure. Let that owner clean their computer with appropriate software.
The DDOS would be sustained for a specific interval, perhaps 24 hours or
until failure to respond to ICMP requests, to avoid causing problems
with DHCP leases to uninfected hosts.
The computer security providers and ISPs demonstrate their inability to
protect. The initiatives they utilize provide a statistically
meaningless impact on criminal botnet activity.
The reasonable people of Internet community can stop the botnet plague!
Stop the time wasting spam!
Re: The BotBrigade Proposal, Botnet Versus Botnet
I propose leveraging underutilized resources. If the resources remain
underutilized, then the resources waste.
In practice, reactive security measures fail for consumer class devices.
In the enterprise, reactive security gain some protection, but will do
nothing in the coming botnet attacks. Limited time for a proactive
approach exists to mitigate a cascading Internet interupption for
everyone due to botnet activity.
I cite two recent articles. The first outlines a less than efficient
security scheme presented by a vendor. The failure will be inaction of
'home' users who tend to ignore moderate reductions in computer
responsiveness; furthermore, the cooperative nature of the initiative
will be it's downfall. The second presents the dominant ground held by
the criminal botnet controllers.
Computer scientist fights threat of ‘botnets’
Oct. 31, 2007
by Brian Mattmiller
The World's Biggest Botnets
NOVEMBER 9, 2007 | 1:08 PM
By Kelly Jackson Higgins
Senior Editor, Dark Reading
- » unknown outgoing tcp traffic - should I be worried?
- — Previous thread in » Computer Software Security