RSA Conference 2010
Lessons in Botnets: The After-effects of ISP Takedowns
Symantec Hosted Services
Session ID: HT1-202
Session Classification: Advanced
The takedown of four major ISPs over the past year has offered deep insight into spamming behavior and the life expectancy of some of the most powerful botnets ever known. With the demise of Intercage, McColo, Pricewert and Real Host, spam levels dropped to some of the lowest levels ever seen, but then quickly rose again in varying capacities. What have we learned about botnets from these landmark events and how can we use this intelligence to better track and defeat them?