[Dshield] Idea for dealing with ISPs that ignoreabusenotificatons was RE: The Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])

Kenneth Coney superc at visuallink.com
Sun Aug 27 18:52:44 GMT 2006


I use the net for business purposes and definitely fall into the first 
paragraph.  Perhaps you mean companies that earn revenue from the net 
itself?  I.e., selling advertising links, or hosting a web page, etc?  I 
suspect a very large percentage of Internet use world wide falls into 
your first paragraph.  Certainly, we, from the home, users (business or 
otherwise) are the spammers target, and the many home users who go on 
line (for economic reasons) with their Win 95 and Win 98 machines are 
frequent targets for hostile probes of their firewalls (with the target 
being those with obsolete firewalls, or often no firewall at all).  
Put/connect an unprotected (I include machines with Win 95 firewalls 
whose software vendors unwisely decided not to offer more free upgrades 
once XP came along in this category) Win 95 or Win 98 machine on the Net 
and watch as it is first probed, then compromised (often within the 
hour), then later used as the base for an attack on the general purpose 
web servers, or mail servers. 

Protecting the Joe Sixpack user is a very important part of protecting 
"Mr. Corporate's servers."  Somehow the Net industrialists still don't 
see that, but still desire the chance to make revenue off Mr. Sixpack.  
Then they cry because 10,000 machines belonging to the Joe Sixpacks of 
the world are used to launch zombie DOS attacks or launch spam.  [I 
won't even start the diatribe about how irresponsible it is to use an 
unpatched Apache v1 server or similar as a host server, which I still 
see now and then.]


Subject:
Re: [Dshield] Idea for dealing with ISPs that ignoreabusenotificatons 
was RE: The Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])
From:
"Tomas L. Byrnes" <tomb at byrneit.net>
Date:
Sat, 26 Aug 2006 10:45:51 -0700

To:
"General DShield Discussion List" <list at lists.dshield.org>


I think this is great, for a network that doesn't NEED to provide access
from the broader Internet on a non-prior contact basis (like your home
PC, or a small company that uses outsourced e-Mail). 

But it doesn't work at all for general purpose web servers, or mail
servers where you actually may want to hear from people you've never
heard from before.

Both those criteria apply to just about anyone who uses the 'net for
business purposes.



More information about the list mailing list