Comments on: The Real Profile of a Zombie Botnet Waking Up and Taking Over an ISP’s Customers Computers

By: chris

chris — Fri, 12 Dec 2008 15:43:11 +0000

if any of the ip’s took the time to blacklist certain things, this would have never happened. about the stupidest thing i’ve ever seen anyone do with a botnet.

By: Matthew, SF, CA

Matthew, SF, CA — Mon, 30 Jul 2007 16:04:33 +0000

Huey - you’re absolutely right.
Gary - if you do some investigating - e.g. search nanas for reports on that date, between 18:00 and 20:00, you’d probably be able to ID them by identifying a spike.

By: Huey

Huey — Tue, 05 Jun 2007 06:11:52 +0000

Place the responsibily with those that allowed the breach so the informed consumer could react accordingly.

The ‘responsibily’ lies with the thousands of end-users who managed to get themselves trojanned, but anybody with experience at an ISP knows that that’s something that exists anywhere. What makes this ISP different is that 1) they were already forcing their customers to go through their smarthosts, 2) they already had an automatic abuse detection and mitigation system, and 3) they had live staff that could react to the problem in real-time.

The name of the ISP who reported this would be a PR coup for them, because they’re doing significantly better than most of the rest of the industry.

By: Gary

Gary — Mon, 04 Jun 2007 19:56:40 +0000

If the name of the ISP was also reported this would be a newsworthy story.

Inagine an analogous storyline “A lage bank in the US had all their credit card numbers and autorization codes stolen” without naming the bank.

Place the responsibily with those that allowed the breach so the informed consumer could react accordingly.