Botconf 2018 – Day 3 Wrap Up
The last day of Botconf.
HTTP and botnets
There was one talk I will remember by Piotr BIAŁCZAK who looked at the HTTP protocol to figure out if we could use certain features to look at the HTTP traffic in our network and distinguish botnet traffic from other traffic.
The conclusion for me was “No, you can’t distinguish it based on a feature”. It depends to much on being lucky the author made a mistake. Then again it must be said if you know that you have a limited set of user-agent strings, checking if any other occur is always a good idea.
Never the less, it must be said that a question can only be answered by researching data and thus it is important to have presentations like this.
And the winner is … Bordeaux
Traditionally at the end of the conference the organization announces where the next edition will take place and this will be as usual the first week of December but in a different town. Next year the city that will be the host for Botconf 2019 is Bordeaux.