In Moving Ahead in the War Against Botnets, 12 Sep 2006, the blogger Darknet comments on an article that says that Gadi Evron, manager of the Israeli CERT, started a public mailing list back in March:

Over the last year, the group has done its work quietly on closed, invite-only mailing lists. Now, Evron has launched a public, open mailing list to enlist the general public to help report botnet C&C servers.

The new mailing list will serve as a place to discuss detection techniques, report botnets, pass information to the relevant private groups and automatically notify the relevant ISPs of command-and-control sightings.

Hunt Intensifies for Botnet Command & Controls By Ryan Naraine, EWeek March 2, 2006

This is a good example of collective action against aggregate damage.

The same article quotes Dan Hubbard about Websense’s botnet-spotting features in its products. This is a good example of how commercial products can complement for-free collective activities such as mailing lists.

-jsq

PS: Thanks to Wendy Nather for this one.