[Dshield] Idea for dealing with ISPs that ignoreabusenotificatons was RE: The Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])
superc at visuallink.com
Sun Aug 27 18:52:44 GMT 2006
I use the net for business purposes and definitely fall into the first
paragraph. Perhaps you mean companies that earn revenue from the net
itself? I.e., selling advertising links, or hosting a web page, etc? I
suspect a very large percentage of Internet use world wide falls into
your first paragraph. Certainly, we, from the home, users (business or
otherwise) are the spammers target, and the many home users who go on
line (for economic reasons) with their Win 95 and Win 98 machines are
frequent targets for hostile probes of their firewalls (with the target
being those with obsolete firewalls, or often no firewall at all).
Put/connect an unprotected (I include machines with Win 95 firewalls
whose software vendors unwisely decided not to offer more free upgrades
once XP came along in this category) Win 95 or Win 98 machine on the Net
and watch as it is first probed, then compromised (often within the
hour), then later used as the base for an attack on the general purpose
web servers, or mail servers.
Protecting the Joe Sixpack user is a very important part of protecting
"Mr. Corporate's servers." Somehow the Net industrialists still don't
see that, but still desire the chance to make revenue off Mr. Sixpack.
Then they cry because 10,000 machines belonging to the Joe Sixpacks of
the world are used to launch zombie DOS attacks or launch spam. [I
won't even start the diatribe about how irresponsible it is to use an
unpatched Apache v1 server or similar as a host server, which I still
see now and then.]
Re: [Dshield] Idea for dealing with ISPs that ignoreabusenotificatons
was RE: The Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])
"Tomas L. Byrnes" <tomb at byrneit.net>
Sat, 26 Aug 2006 10:45:51 -0700
"General DShield Discussion List" <list at lists.dshield.org>
I think this is great, for a network that doesn't NEED to provide access
from the broader Internet on a non-prior contact basis (like your home
PC, or a small company that uses outsourced e-Mail).
But it doesn't work at all for general purpose web servers, or mail
servers where you actually may want to hear from people you've never
heard from before.
Both those criteria apply to just about anyone who uses the 'net for
More information about the list