To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- >> http://www.infiltrated.net/?p=29
Although this seems to be yet another conspiracy theorist hard at work, there are some interesting issues raised. Not the least of which is why is it that network equipment manufacturers are still doing static rule-based access control when clearly a distributed approach could be easily done? After all, what is an RBL but a DNS-based distributed access list? Granted, while I don't work for a transit carrier and manage a mere OC-3 worth of data to a few thousand end-users, it would be nice to have an IP-granular "kill-switch" system that I could use to signal an upstream router to stop sending data from a network or ASN because it's causing me problems. I can do it already at the host level with a system I fudged together, but the data still comes into my network before I can drop it. So IMHO this article relates very little to botnets (other than to assign blame to larger carriers), but it does beg the question of whether an IP-granular, UDP-based record manager would be a suitable building block for a distributed firewall system. The RBL systems are already there. -- Jon Those who make peaceful revolution impossible will make violent revolution inevitable. -- John F. Kennedy _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets