Botnet Counterattack
In reading over the technology news in the last couple of days I saw an article about the actions of FireEye, Inc., a small security firm located in Milpitas, CA, in the South Bay Area. What FireEye did was quite remarkable and is not something that has been accomplished by the larger anti-spam establishment: they took down a large portion of the Mega-D (also known as Ozdok) botnet. Mega-D took advantage of a large network of hacked machines and used them to unleash large amounts of spam through multiple communication channels.
They did this through extensive monitoring and research, which allowed them to learn how the system worked and how it was controlled. The action itself was carried out in a couple of layers. The first layer targeted the controller machines: FireEye notified every carrier hosting a Mega-D control machine and had those machines brought down. That, together with the removal (or at least suspension) of known Mega-D domains from Internet DNS servers and the pre-attack registration of the domain names hard-coded in the Mega-D software, allowed the researchers to bring the network to its knees. The second phase involved monitoring the pre-registered domains for bots calling in to find their next instructions; this gave the researchers a picture of a large portion of the machines that were being used as bots.
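The second phase above amounts to running a sinkhole: the defender registers the domains the bot will try, points them at a server it controls, and counts who shows up. The script below is an added illustration of that log-analysis step, not FireEye's code or anything derived from the Mega-D takedown. The domain names, addresses and log format are all constructed placeholders; it parses check-in records, ignores traffic to names that were not sinkholed, tolerates malformed lines, and reports unique bots per domain and hosts that checked in more than once.

```python
"""Aggregate bot check-ins from a sinkhole log (constructed example)."""
from collections import defaultdict
from datetime import datetime
import ipaddress
import re

# Hypothetical fallback domains assumed to be hard-coded in the bot and
# registered by the defender ahead of the takedown (placeholders, not real).
SINKHOLED_DOMAINS = {"fallback-1.example", "fallback-2.example", "fallback-3.example"}

# Constructed sinkhole log lines: "<ISO timestamp> <requested host> <src ip> <path>"
SAMPLE_LOG = """\
2009-11-06T10:00:01Z fallback-1.example 198.51.100.10 /cmd
2009-11-06T10:00:03Z fallback-1.example 198.51.100.11 /cmd
2009-11-06T10:00:07Z fallback-2.example 198.51.100.10 /cmd
2009-11-06T10:01:00Z fallback-3.example 203.0.113.5 /cmd
2009-11-06T10:01:02Z unrelated.example 203.0.113.9 /index.html
2009-11-06T10:02:00Z fallback-1.example 198.51.100.11 /cmd
this line is garbage and should be skipped
2009-11-06T10:03:00Z fallback-2.example not-an-ip /cmd
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<ip>\S+)\s+(?P<path>\S+)$")


def parse_line(line):
    """Return (timestamp, host, ip, path), or None if the line is malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        ip = ipaddress.ip_address(m["ip"])
    except ValueError:
        return None
    return ts, m["host"].lower(), ip, m["path"]


def summarize(log_text, sinkholed=SINKHOLED_DOMAINS):
    """Build a per-domain picture of infected hosts from sinkhole traffic."""
    per_domain = defaultdict(set)   # domain -> set of bot addresses
    checkins = defaultdict(int)     # bot address -> number of check-ins
    skipped = 0
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            skipped += 1            # keep going; a bad line must not stop the count
            continue
        _ts, host, ip, _path = rec
        if host not in sinkholed:
            continue                # scanners and stray traffic are not bot check-ins
        per_domain[host].add(ip)
        checkins[ip] += 1
    all_bots = set().union(*per_domain.values()) if per_domain else set()
    return {
        "unique_bots": len(all_bots),
        "bots_per_domain": {d: len(s) for d, s in sorted(per_domain.items())},
        "repeat_checkins": sorted(str(ip) for ip, n in checkins.items() if n > 1),
        "skipped_lines": skipped,
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the constructed log this reports three unique bots, two of which called in more than once, and two skipped lines; in a real deployment the per-domain sets are what get handed to carriers and CERTs for notification.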
My question from this story is why it took a small security firm to accomplish this. While the researchers are certainly very skilled, are they really the only ones who can figure out this type of network? I don't think so; I also don't think it is the responsibility of a small company to pay for the laziness and/or ineptitude of federal and state law enforcement. This type of action should be taking place all the time, funded by the tax dollars that go to the government, to keep these types of networks small and inefficient. So, law enforcement folks out there: if you need to hire this company, or any other security company with the know-how, to take the action to the spammers instead of just reacting, just do it and be proactive.
-sean