[nsp-sec] DDoS traceback to identify open resolvers
Jason Chambers
jchambers at ucla.edu
Thu Jun 6 01:27:10 EDT 2013
On 6/5/13 10:23 PM, Jason Chambers wrote:
> Bad idea ? In addition to tracking open recursive servers I thought it
> would be interesting to regularly track all the DoS targets; if and when
> a botnet is disrupted it would work something like a "damages database"
> to add towards whatever LEO uses to justify indictment. I'm sure there
> are other uses as well.
>
Sorry I'm repeating myself and not making it clear.. but you get the
idea hopefully which is.. in addition to helping people actively
traceback and work on closing open resolvers and BCP38 efforts it has
this additional benefit of recording a history of attacks and offering
the data to LEO/Gov for something useful.
--Jason
More information about the nsp-security
mailing list