Wednesday, October 26, 2005

Defending Against Botnets

I'll be speaking next week at Arizona State University's "Computer Security Awareness Week" on the above topic. My talk is on Wednesday, November 2 at 11 a.m. at the Polytechnic Campus in Union Ballroom C, and will be followed by Erik Graham of General Dynamics speaking on Wireless Security. I've been told to be as technically detailed as I like, though I think this is a problem which is in greater need of having its economic aspects addressed, in order to drive the implementation of the existing technical solutions. Bruce Schneier has suggested that ISPs need to be held liable for malicious traffic they originate; I'd amend that to say that they should be held liable to the extent there are commercially reasonable measures to prevent, detect, and respond to such traffic and they don't do it. I agree with Schneier that the ISPs whose end users have compromised machines are in the best position to address the problems those compromised machines create--along with the manufacturers of the operating systems they run.

3 comments:

Einzige said...

I wish I could be there to see it! Sounds like an interesting topic.

Jim Lippard said...

My presentation has been put online here: http://www.asu.edu/security/aware/2005/ppt/Defending_Against_Botnets_Presentation_Lippard.ppt

Jim Lippard said...

Streaming audio and video of my presentation should be on the ASU site by tomorrow.

Unfortunately, the audience was quite small. ASU's Polytechnic Campus is way out east of Phoenix, on the former Williams Air Force Base which ASU purchased and turned into its east campus. It doesn't appear that it has a very large student population yet. I was amused that the streets are named after military figures. To get to the Student Union I drove on a street called Twining, named after General Nathan Twining. Twining is a name well-known to UFO enthusiasts, as his name was used on one of the forged "MJ-12" documents known as the Cutler-Twining memo, and also authored a genuine document that discusses UFOs (and is often misinterpreted by UFO advocates as claiming that crashed saucers have been recovered).

My talk was followed by a talk on Wireless Security by Erik Graham of General Dynamics, which covered threats and defenses for 802.11 and Bluetooth.