[LINK] Detailed article on botnets

[Craig Sanders]

On Fri, Nov 03, 2006 at 09:49:39AM +1100, Kim Holburn wrote:
> Here is a detailed article on wired about Botnets (and Blue Security)  
> and why we need IDS and how the bad guys have won control of the  
> internet for now:
> http://www.wired.com/wired/archive/14.11/botnet.html
> 
> A sad story.

i suspect that, in the medium term at least (i.e. for as long as people
are using Microsoft Windows[1]), the only solution to botnets and viruses
is to fight them with yet more viruses. monitor the botnet communication
channels and infect every infected machine with a virus which shuts down
that machine's network interfaces and/or refuses to boot except in 'safe
mode'. this would force the owner of that machine to take action to
secure their machine....and if they didn't, at least it would be off the
net.

of course, that would be illegal. but i don't see any other solution -
you can't find the attackers to take them down, but you can easily find
the infected machines that make up their botnet....and you know that
they're vulnerable to infection.

IMO, it should be illegal to put an insecure machine on a public
network, just as it's illegal to drive an unsafe vehicle on a public
road. it's criminal negligence.



[1] which is, of course, the root cause of the problem. if people
weren't running MS Windows, or if windows wasn't so ridiculously
insecure then there wouldnt be a botnet or virus problem in the first
place.

running MS Windows isn't just a personal choice, any more than it's just
a personal choice to spray weeds in your back yard with DDT. that choice
has harmful effects on others.



craig

-- 
craig sanders <cas at taz.net.au>           (part time cyborg)