[AusNOG] Analysis of the Carna Botnet (Internet Census 2012)
Joseph Goldman
joe at apcs.com.au
Wed May 29 16:31:29 EST 2013
I wouldn't say they were 'advocating' the technique, merely pointing out
it is the lesser of 2 evils. I'd much rather go through the hassle of
reconfiguring users routers than dealing with the fallout of customer
financial details being leaked from my system.
I would prefer more someone call me and say 'Hey, i found this on your
network, you should fix', but where's the lulz in that?
On 29/05/13 16:28, PRK wrote:
> On 2013-05-29 12:49, Tim March wrote:
>>
>> Yeah, because the punters that are out there executing malicious
>> network attacks 'for the lulz' would totally never do anything like
>> that just in case the AFP kick their door in =)
>>
>> Besides, running Tor and `proxychains nmap -n -sT -sV -iL $input -oG
>> $output -p 23` will pretty much do what you want and keep an attacker
>> reasonably anonymous...
>
> On 2013-05-29 12:48, Heinz N wrote:
>>
>> And what about those professional hackers in China & Russia that are
>> quietly rerouting CPE DNS queries to their 'special' servers? (not for
>> any lulz mind you, but for real $'s) What can the cops here do about
>> them? I reckon it is better that your router goes down (for lulz) and
>> you know that there IS a problem rather than it continuing to quietly
>> just steal all your stuff for years and years. Better a router that
>> goes down than your bank account! IMHO
>
> I am aghast that on a Network Operators Group, there are advocates of
> erasing another operator's production router configuration as an
> acceptable method of notifying said operator that they have a security
> vulnerability.
>
> prk
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list