mitigating botnet C&Cs has become useless

[good stuff elided]

I agree that the root of the problem is the miscreants perpetrating
these crimes, and they need to be prosecuted, but the responsibility
falls far wider than the SPs.

I also accept the references provided by Paul and others, but what's
the near-term alternative?

-danny

I would suggest more specific attention by service providers
specifically, and everyone in general, perhaps with more
"abuse services" -related tracks at meetings like NANOG. :slight_smile:

Or something along those lines...

I think the problem(s) have ballooned to the point where
everyone is feeling a bit overwhelmed in getting the cooperation
needed to take down botnet C&C's, phishing hosts, and other nefarious
"services" -- some which try to hide using DNS RR "fast-flux", etc.

The whole business of getting cooperation in this area needs much
improvement.

- ferg

IMHO,

This is not a problem we can solve by adding:

a) technology (other than completely dumping the OS(s) that make this
possible)
b) manpower

I think it can be solved by reducing the margins in the miscreant
business line
or ideally having it have negative margins.

I would suggest more specific attention by service providers
specifically, and everyone in general, perhaps with more
"abuse services" -related tracks at meetings like NANOG. :slight_smile:

Or something along those lines...

<snip>

I think better to focus on the economics of the business as part of the
abuse track.