Randy wrote: > 19 years old! Thats it! And he writes code to control a network of > PC's that changes the way botmasters can control their domain. > My 19 year old is more interested in what latest rap song is out and > can he get all the words down! > > "Fast-Flux", its called. Who on this list is up to date on this? I > would be interested in understanding this if this is what we have to > fight. > I have been asleep in this area. I'm googling now but links are welcomed! > > 19-year-old 'fast flux' botnet pioneer agrees to plead guilty > http://www.theregister.co.uk/2008/06/28/nugache_creator_plea_agreement/
Randy, The Honeynet Project released a KYE paper on Fast Flux last year: http://www.honeynet.org/papers/ff/ Jose Nazario, Christian Gorecki and I presented at FIRST last week on this topic, and Dave Dittrich has a lot more detail on this particular botnet. Note that Nugache was P2P based, not DNS based, and wasn't a Fast Flux botnet, so a bit of confusion in that particular article (but still good to hear he pleaded guilty). Thanks, David -- David Watson UK Honeynet Project www.ukhoneynet.org [EMAIL PROTECTED] _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
