Skip navigation.
Home

Is it Time for the Gloves to Come Off Yet?

Rob Lemos at Security focus wrote about the tendency of malware to use what are called fast-flux DNS to prevent botnet takedowns. These methods use DNS to ensure that there are redundant backups for a series of call-home hosts. The call-home hosts are remote sites that phishers or other malicious people have taken over to collect data. Simply put malware authors are using economies of scale to provide redundant backup to their servers. This lets them stay online for much longer periods of time. The problem is that takedown notices for these affected websites are not very effective as each host owner must be contacted.

With the current ethical thinking there is no other resource available to the burgeoning white-hat trying to fix this problem. The current method for reigning in these problem sites is to contact the site owner, convince them they have a problem, and wait. This causes an unnecessary amount of time to be wasted, while thousands of credit cards are stolen. The massive scale of this creates a situation where there is no other recourse for defensive reaction.

Is it time to start considering a vigilante corp to deal with these problems? It would certainly allow for a quicker more concerted response to the issue. There are companies that are walking the ethical line in gathering and reporting these problems, but perhaps it is time to set the scope wider. Create it as a government sanctioned activity, but get someone in there with a quick response to deal with the problem.