[Dshield] Why???

KeithTarrant KeithTarrant at spamcop.net
Thu Oct 3 00:18:51 GMT 2002


Port scanning wastes bandwidth, bandwidth that ISPs have to purchase,
directly reducing profits.  Hacking increases customer service expenses
and decreases customer satisfaction, leading to reduced customer referrals
and reduced profits.  Hacking also increases the need for redundant
equipment and staff.  Hackproof software does more internal checking and
requires more horsepower to run, increasing the size and cost of
processors required.

Hacking wastes real trees and reduces profits.

So ISPs do have an interest in keeping hacking activities under control.

But, in my opinion, currently there is not sufficient reason to maintain
the staffing necessary to shut down hackers in hours instead of days or
weeks.

Of course President Bush could change all that tomorrow, decide that port
scanning provides too much camouflage for "America's Enemies", making it
worthy of 10 year sentences, make the open distribution of malware a
violation of "Trading with the enemy" laws, worthy of life in prison.  Of
course sentences like that would be an over-reaction.

Besides, I suspect (no proof) that our own governments (I'm in Canada)
probably use the camouflage aspects themselves.

Unfortunately, some abuse analysts are people who want to work with
computers, but can't tolerate how darn boring it is most of the time, and
who didn't realize how average the pay is.  This sometimes happens with
programmers too.  It leads to low-quality work and a low volume of work.

Ian, it doesn't matter if one's own ISP cares about scans or not, because
the majority of scanning comes from other ISPs' customers.

My ISP has 2 departments that work on abuse.  One focuses on excessive
bandwidth use (stability), the other scanning.  On average scanning stops
7 days after reports are sent.  Roadrunner takes 8 days.  These times are
pretty good. Comcast takes 2 weeks.  IBM 1-1/2 months.

As for making friends, that is true for the best programmers too.  If you
do a good job, you aren't called in to fight fires at 3AM, you don't get
the OT, you don't get the open gratification from a misinformed
management.




