Comments on: Who Ya Gonna Call? **Updated** http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/ A weblog dedicated to educating the community on security threats that matter Wed, 10 Mar 2010 17:00:15 -0500 http://wordpress.org/?v=abc hourly 1 By: Security Tips » FBI, DOJ Reveal Operation Bot Roast http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/comment-page-1/#comment-35128 Security Tips » FBI, DOJ Reveal Operation Bot Roast Mon, 09 Jul 2007 16:47:38 +0000 http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/#comment-35128 [...] Citizens can also refrain from calling the FBI in the event their computer is infected. Instead, the government agency suggests that they inform their ISPs. Danny McPherson pointed out, “Now, apparently, no one thought to vet this recommendation with ISPs. ISPs, and in particular those that cater largely to residential markets, invest a considerable amount into minimizing help desk and support-related calls in order to optimize profitability and ROI for traditionally lower margin services.” [...] [...] Citizens can also refrain from calling the FBI in the event their computer is infected. Instead, the government agency suggests that they inform their ISPs. Danny McPherson pointed out, “Now, apparently, no one thought to vet this recommendation with ISPs. ISPs, and in particular those that cater largely to residential markets, invest a considerable amount into minimizing help desk and support-related calls in order to optimize profitability and ROI for traditionally lower margin services.” [...]

]]> By: R. Kerns http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/comment-page-1/#comment-29500 R. Kerns Mon, 18 Jun 2007 19:07:36 +0000 http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/#comment-29500 When they talk about this endeavor (BTW Operation Bot Roast is a terrible name because its too funny!) I have to wonder what exactly is supposed to happen upon notification that your box is a zombie? Articles are discussing that each Bot-owned box is its own miniature crime scene and can provide evidence to help catch the criminals behind them. But realistically how many people are going to allow their system to be inspected to gather any kind of evidence? Not to float the Arbot boat here but it seems more realistic to run honeynets and monitor/investigate bot activity that way. If you want to start to notify users that their machines are owned then thats all nice and well, but as stated when these users ask, "How the hell do I fix it?" they are not going to be satisfied when the FBI basically says "Well we dont provide support we just do notification..." Seems like a waste of time to me. Instead why not create some govt sponsored security apps that we can provide to the non-technical user community for free? Maybe I'm just being negative but Bot Roast sounds like a waste of time and money to me. (Also what happens when they incorrectly inform ppl that their systems are owned?) When they talk about this endeavor (BTW Operation Bot Roast is a terrible name because its too funny!) I have to wonder what exactly is supposed to happen upon notification that your box is a zombie? Articles are discussing that each Bot-owned box is its own miniature crime scene and can provide evidence to help catch the criminals behind them. But realistically how many people are going to allow their system to be inspected to gather any kind of evidence?

Not to float the Arbot boat here but it seems more realistic to run honeynets and monitor/investigate bot activity that way. If you want to start to notify users that their machines are owned then thats all nice and well, but as stated when these users ask, “How the hell do I fix it?” they are not going to be satisfied when the FBI basically says “Well we dont provide support we just do notification…” Seems like a waste of time to me. Instead why not create some govt sponsored security apps that we can provide to the non-technical user community for free?

Maybe I’m just being negative but Bot Roast sounds like a waste of time and money to me. (Also what happens when they incorrectly inform ppl that their systems are owned?)

]]> By: chris http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/comment-page-1/#comment-28584 chris Thu, 14 Jun 2007 22:45:03 +0000 http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/#comment-28584 Social Engineering DDoS on ISP Helpdesks Launched by FBI!, news @ 11 ;) Social Engineering DDoS on ISP Helpdesks Launched by FBI!, news @ 11 ;)

]]> By: Paul http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/comment-page-1/#comment-28529 Paul Thu, 14 Jun 2007 18:45:25 +0000 http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/#comment-28529 Danny- I notice you didn't include your phone number :-) -paul Danny-
I notice you didn’t include your phone number :-)
-paul

]]> By: Beware of BotNet Attack » SELaplana http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/comment-page-1/#comment-28459 Beware of BotNet Attack » SELaplana Thu, 14 Jun 2007 11:14:28 +0000 http://asert.arbornetworks.com/2007/06/who-ya-gonna-call/#comment-28459 [...] SecurityFocus and Digital Daily Save to del.icio.us • Stumble It! • Submit To Netscape • Digg This! Enter your email address toSubscribe: [...] [...] SecurityFocus and Digital Daily Save to del.icio.us • Stumble It! • Submit To Netscape • Digg This! Enter your email address toSubscribe: [...]

]]>