Sure it is something I should know, but I keep hitting dead ends.
What is current state on botnet reporting procedures?
A minor irritation currently, but clearly well resource botnet is pestering
one of our services, only a couple of thousand IP addresses in use, but I'd
like to mop up as much of it as possible whilst it is only an irritation,
since presumably between irritation and being off the Internet is only one
command.
Lots of Botnet related resources seem to have vanished from the net, or be in
poor repair.
RIPE provide an API for Abuse address lookup, so a potential solution exists
for automaton. But I figure someone else will have written some scripts or
interfaces to save me messing it up, and landing 100's of abuse desks with
useless information.