[AusNOG] Telstra manipulating DNS to block botnets

[Mark Andrews]

If you can identify C&C domains lookups you can quarantine the site
with self release with a progressively long hold times for repeat
offenders.  Add a grace period or restricted access to the net to
allow for self cleanup.

If you are a C&C researcher, computer repair shop, etc. you need
to get yourself onto a exclusion list.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org