I’m not sure if many people read this blog, but I recently noticed that the UW project Phalanx (slides, paper, and poster available from Colin Dixon’s site, recently featured on Slashdot) brought up the idea of countering botnets by setting up neutral (‘white-hat’ was tossed around in the /. comments) botnets to negate the adverse effects.
Any thoughts on this? It’s a curiously fun conceptualization, but could this potentially be just digging a bigger grave for the internet?
So, the article plays fun with the idea of using a “good botnet” which was a term I used, but in actuality the good botnet I was referring to is one that’s made up of nodes from a CDN infrastructure like Akamai.
I’m suggesting we build a good botnet by buying the machines, not steal one through nefarious means.
–Colin
If you build a botnet by buying the machines, you’ll likely get a range of IP addresses. Then those IP addresses will be blocked by your targets. Then you have no more botnet.
Make it an opt-in security program. You agree to the terms and conditions, we get the excess bandwidth and CPU of your computer as part of our botnet, you get protected from outside threats.