I came across an interesting visual representation of a botnet this week and I started thinking about the solution to the problem. After throwing out poor solutions that focus on the destination of an attack, such as disabling the target (which most ISPs do) and blocking IP addresses (impossible because you have to block thousands of random IPs), I realized that the correct solution is the answer to this question: "how can you disable a decentralized network?"
The answer to that particular question is difficult because there isn't a single point of failure. There isn't a central point of control on which to focus your efforts. This explains the music industry's failure to make any significant dent in the peer-to-peer networks and Microsoft's inability to extinguish Linux. And, interestingly, the Internet itself is the largest decentralized network. How can one disable the Internet?
With regard to botnets, I suspect that a strictly technical solution will never work because there isn't a single point of failure. Any serious attempt to do so will require other non-technical channels and, unfortunately, there isn't an incentive for any organization to take on the task.
Most spam comes from just six botnets - register.co.uk
What a botnet looks like - csoonline.com