Receive/Transmit

This post on pauldotcom is a handy way of running a command line instruction on every machine in the domain. Ideally you’d use group policy for this kind of thing, but its still useful to know.

This is a really interesting article from Cisco which gets into the head of someone who controls large botnets for profit. There’s a slight bit of marketing for the Cisco IPS product in there, but apart from that its a really insightful read.

One of the most interesting parts for me was psyche of the guy that was behind it – they clearly knew that what they were doing was wrong and that they could get into a lot of trouble for it, but this didn’t override their urge to show off. Even when the Cisco researcher confessed that he’d been decieving them the whole time, they happily went along with his next deception and started giving out even more detailed information.

Another bit that really struck me was the amount of paranoia this individual seemed to have to live with, not only due to law enforcement potentially being after him but because of the possibility of his peers stealing his botnet while he slept.