[Dshield] Interesting Zombie Data Graphs

Chris Wright dshield at yaps4u.net
Wed Nov 9 18:51:16 GMT 2005


> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of Pete Cap
> Sent: Wednesday, November 09, 2005 4:28 PM
> To: General DShield Discussion List
> Subject: Re: [Dshield] Interesting Zombie Data Graphs
> Ultimately it's the user's responsibility, but then again the 
> service provider is in a great position to do something about 
> the problem, and since they are also in a position to track 
> traffic and find botnets, some of the responsibility rests 
> with them as well.

I still come back to the agreement I signed when I started with my ISP. 
They all have one, and they all say something along the lines of I will keep
my PC up to date etc and bot.virus.trogan proof etc etc.
But they never follow up on that.
Why have there not been court cases where I can sue a 'comcast' user or
'comcast' itself for not enforcing said agreement.
We've been getting into the analogies again, and I don't want to go there,
but surely they must have some legal responsibility.
If I were to host 'kiddie porn' on my 'comcast' IP space, they would come
down on my like a ton of bricks. Yet apart from those exploited, it affects
a small proportion of the network commnunity.
Yet if I were to knowingly host a spam spewing server on my network, they
ignore 99% of the claims from the millions of end users that are effected.
And that sort of behaviour has financial implications (DOS, etc), yet they
do nothing about it?
I still believe it should be the responsibility of the ISP to enforce their
plans, and we need a way of making them do it.
God knows the technology is out there, and it wouldn't take a rocket
scientist or a NASA budgest to get it going.
We the community should be piling on the pressure to get the ISP's to take
If a box standard home user gets the plug pulled on their connection for
breaking the rules, it is up to them to get it sorted, (either by themselves
by learning, or by pulling one of the 'experts' in).  
I wouldn't want to see ISPs block all ports apart from HTTP, SMTP, POP, FTP
etc, because they don't have to do that.
But they should take responsibility for the end users they allow on to their
network, and they have the processes in place to do that (in EULA's etc),
but they hardly ever follow up with it.

I am sure Comcast would complain if everyone started blocking their IP space
so they their users couldn't access jack.
There should be, (and in a way already exists), a method of blocking any ISP
that does not behave.
Perhaps we should have a global .htaccess with the IP space of all of them
in it.  



More information about the list mailing list