I agree Mike, hence my original post for some brain storming from some of the smartest people on the planet who read FunSec!
> ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 01 Jan 2009 17:22:52 +0000 > From: Mike Preston <[email protected]> > Subject: Re: [funsec] idea > To: RandallM <[email protected]>, [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Its not that bad an idea... > > However, you still need to find a way to find the sites in the first > place, find out they are who they say they are and then authenticate the > downloads. > > Not impossible, but not trivial either. > > Mike Preston > > RandallM wrote: > > Matt > > I am not referring to ddos but to the common folk being hit with the > > fake malware and anit viurs programs at tremendous rates lately. Have a > > way to "get to" help sites and programs. > > > > On Thu, Jan 1, 2009 at 9:17 AM, Matt Jonkman <[email protected] > > <mailto:[email protected]>> wrote: > > > > You pay big bucks to use akami. And they don't give the service away. > > > > I don't think it's that big a threat these days. Good colo with some > > basic anti-ddos isn't to tough to get if you're a frequent target. I > > haven't been hit for a half a year at least, and don't expect any > > anytime soon. > > > > Matt > > > > RandallM wrote: > > > Ok, great stuff so far. Is akami the answer. How can that be done. > How > > > can we use that and how can it be tested. > > > > > > > > > > > > On Thu, Jan 1, 2009 at 12:11 AM, Matt Jonkman > > <[email protected] <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>> > wrote: > > > > > > I had a similar idea a few years ago (I may have been drinking > > at the > > > time too). > > > > > > Mine was more oriented to when we were taking a ddos every week > as > > > security projects. I proposed all of us poor open source > security > > > projects band together and do an akami type hosting. Everyone > > hosted > > > everyone that was part of the setup, and we used dns to spread > > the load. > > > > > > But alas, ddos isn't the problem it used to be. Probably good > > we didn't > > > go through the effort to make it happen. > > > > > > Matt > > > > > > Paul Ferguson wrote: > > > > It's called Akamai. :-) > > > > > > > > - ferg > > > > > > > > On Wed, Dec 31, 2008 at 7:58 PM, RandallM > > <[email protected] <mailto:[email protected]> > > > <mailto:[email protected] <mailto:[email protected]>>> > > wrote: > > > > > > > >> ok, I am drinking, after all it is the NYE celebration. But, > I > > > had this > > > >> idea pop in. Remember, it is a "first thought idea". That > > means I > > > am in > > > >> need of input to brainstorm with me on it. Here is the > initial > > > thought: > > > > > > > >> When fixing infected computers I find that: > > > >> 1. most people don't have programs installed for preventive > > much less > > > >> combative > > > >> 2. depending on the infection one cannot download programs > > or go to > > > >> "helpful" sites to use. > > > > > > > >> malware sites often rotate IP or DNS in order to "hide". > > > > > > > >> Thought: > > > >> Why can't we using the same type of process provide access > to > > > programs > > > >> and or sites in the same manor so that the malware > > infections cannot > > > >> "block" because the sites are not permanant? > > > > > > > >> Symantec is and always will be "www.symantec.com > > <http://www.symantec.com> > > > <http://www.symantec.com>", as with other sites. > > > >> they are blocked by malware infections (in various ways that > I > > > would love > > > >> to > > > >> understand more). If there were "server" around the globe > > open with > > > >> online scanners and tools that rotated with DNS and or IP > > > addressing the > > > >> malware could not block it. > > > > > > > >> Can this be done with a revolving network of servers from > > volunteers? > > > > > > > >> Make sense or have I already drank too much? > > > > > > > >> -- > > > >> been great, thanks > > > >> Big R > > > > > > > >> _______________________________________________ > > > >> Fun and Misc security discussion for OT posts. > > > >> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > >> Note: funsec is a public and open mailing list. > > > > > > > > > > > > > > > > > > > > > > -- > > > -------------------------------------------- > > > Matthew Jonkman > > > Emerging Threats > > > Phone 765-429-0398 > > > Fax 312-264-0205 > > > http://www.emergingthreats.net > > > -------------------------------------------- > > > > > > PGP: http://www.jonkmans.com/mattjonkman.asc > > > > > > > > > > > > > > > > > > -- > > > been great, thanks > > > Big R > > > > -- > > -------------------------------------------- > > Matthew Jonkman > > Emerging Threats > > Phone 765-429-0398 > > Fax 312-264-0205 > > http://www.emergingthreats.net > > -------------------------------------------- > > > > PGP: http://www.jonkmans.com/mattjonkman.asc > > > > > > > > > > > > -- > > been great, thanks > > Big R > > > > > > ------------------------------------------------------------------------ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAklc++wACgkQvhwPecbXDdzxJACggD2VdvlEebFbCH71jR9Qu3yw > aEwAoIaizAZ38B5ejNfZDxqH8b489opt > =irOW > -----END PGP SIGNATURE----- > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: smime.p7s > Type: application/x-pkcs7-signature > Size: 6740 bytes > Desc: S/MIME Cryptographic Signature > Url : > http://linuxbox.org/pipermail/funsec/attachments/20090101/9f461a79/attachment-0001.bin > > ------------------------------ > > _______________________________________________ > funsec mailing list > [email protected] > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > End of funsec Digest, Vol 41, Issue 2 > ************************************* > -- been great, thanks Big R
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
