Battling Bots, Doing No Harm

ISPs, researchers, and law enforcement officials are finding themselves in a quandary in the botnet war, whether to infiltrate and monitor a botnet's command and control, or to shut it down altogether. Both approaches can help trip up a botnet, for sure, but they also run the risk of derailing an investigation.

Most ISPs today just toss lots of bandwidth, managed services, and other tools at botnet traffic on their networks. Their first choice traditionally has been to remain mostly hands-off, due to their lack of resources for investigating botnets, as well as the sticky legal ground such work entails. Dark Reading - Desktop Security - Battling Bots, Doing No Harm - Security News Analysis

Linked by shanmuga Tuesday, 6th March 2007 8:27PM