[Dshield] An Abuse-Free internet organzation
clewis at iquest.net
Tue Jan 20 15:33:30 GMT 2004
Of On Tuesday, January 20, 2004 9:55 AM, Erwin Van de Velde wrote:
>When I recently posted a message about using the infoCon status to block
>some ports when a new and severe attack was launched, I got lots of
>messages, saying that uptime is so important, that even under those heavy
>conditions traffic should not be blocked automatically. Now you're
>proposing to block of hordes of users, just because one of them has done
>something 'naughty' .what probably is of no importance to the owner of the
>server. I'm expecting quite some 'NO'-yelling now :-)
>As long as only a couple of people are doing this, this would not be the
>way to go for firms etc. that depend in any way on their websites to make
>And as long as they don't join such ISP's there would only be a couple of
>people doing this, and so we already close the circle :-)
And can see both points/issues.
But Erwin, when a vast amount of the attacks/probes to my server comes from
Verizon and reporting things to them gets absolutely no response ? And they
are not the only big name that chooses to not respond... Where does that
leave us ?
Also, and you smarter folks here please correct me, I think I've read/heard
that a real easy way to vastly reduce spam is if ISP's would validate the
address(s) that stuff comes from ?
More information about the list