-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Beware the ITU in these sort of "me too" fads. The are a couple of people who work there who have been doing this for over 15 years. When every they get involved, priority #1 is their personal and ITU agendas - not the agendas or needs of member states.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Gadi Evron > Sent: Thursday, November 15, 2007 5:28 AM > To: Paul Ferguson > Cc: [email protected] > Subject: Re: [funsec] FYI: ITU Botnet Mitigation Toolkit > > On Thu, 15 Nov 2007, Paul Ferguson wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Via The ITU. > > > > [snip] > > > > Botnets (also called zombie armies or drone armies) are networks of > > compromised computers infected with viruses or malware to turn them > > into "zombies" or "robots" - computers that can be > controlled without > > the owners' knowledge. Criminals use the collective computing power > > and connected bandwidth of these externally-controlled networks for > > malicious purposes and criminal activities, including, inter alia, > > generation of spam e-mails, launching of Distributed Denial > of Service > > (DDoS) attacks, alteration or destruction of data, and > identity theft. > > > > The threat from botnets is growing fast. The latest (2007) > generation > > of botnets such as Zhelatin (Storm Worm) uses particularly > aggressive > > techniques such as fast-flux networks and striking back with DDoS > > attacks against security vendors trying to mitigate them. An > > underground economy has now sprung up around botnets, yielding > > significant revenues for authors of computer viruses, botnet > > controllers and criminals who commission this illegal > activity by renting botnets. > > > > In response to this, ITU is developing a Botnet Mitigation > Toolkit to > > help deal with the growing problem of botnets. Inspired by the > > Australian Internet Security Initiative (AISI), the toolkit > draws on > > existing resources, identifies relevant local and international > > stakeholders, and takes into consideration the specific > constraints of developing economies. > > The toolkit seeks to raise awareness among Member States of the > > growing threats posed by botnets and the linkage with criminal > > activities and incorporates policy, technical and social aspects of > > mitigating the effects of botnets. The first draft of the > toolkit will > > be made available in December 2007, with pilot tests planned in a > > number of ITU Member States in 2008. > > > > [snip] > > > > Much more here: > > http://www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html > > I had a chat with some ITU people. The secretary general of > the ITU told me I can relay that the ITU is working on > security and cares about these issues. I am still at IGF but > when I come back I will update more. > > > > > > > - - ferg > > > > p.s. Thanks, you-know-who-you-are. :-) > > > > -----BEGIN PGP SIGNATURE----- > > Version: PGP Desktop 9.6.3 (Build 3017) > > > > wj8DBQFHO7Qvq1pz9mNUZTMRApTlAKDbHztsHC73nj44nVuVXkkcWj8jbgCdE4kq > > 8W82k5+sG2DLCrj0O7EwhgM= > > =8zPs > > -----END PGP SIGNATURE----- > > > > > > -- > > "Fergie", a.k.a. Paul Ferguson > > Engineering Architecture for the Internet fergdawg(at)netzero.net > > ferg's tech blog: http://fergdawg.blogspot.com/ > > > > > > _______________________________________________ > > Fun and Misc security discussion for OT posts. > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > Note: funsec is a public and open mailing list. > > -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBRzyI/b/UEA/xivvmEQLAXQCgzKn4KvNq71cuGtxBoYSA9zh6YD0Ani6K 4tg/prf/0ak4KylrDPbbmdLx =k/pR -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
