On Mon, Apr 12, 2010 at 7:17 PM, Darrick Hartman <dhart...@djhsolutions.com> wrote: > That only addresses EC2 (and assumes that Amazon has any interest in > protecting their reputation). What about attacks that come from other > locations? Granted it's pretty easy to buy time on an EC2 server so > this may be the primary source for a period of time.
With the growth of the cloud offerings, this problem will likely grow, so yes, a generic solution is needed. What I want to see though, and no provder has done much if anything about it, is REPORTING and INVESTIGATION. It is easy to use a script to report and submit, we can all do that, even I could (if I had a box running and needed to). The hard part is them having their tech/sys people actually look at the network and see, "Oh, ya, there's some shit happening that on that instance..." If Amazon's form submit didn't even work, that's a really bad reflection on their brand in a lot of ways, including tech competence. If that is know to geeks like us, it won't hurt them which is why, like a broken record, I keep saying: put your Amazon experience out to the public. When it starts being mentioned in Wired, "Storm Cloud" or something, THEN Amazon will have to do something. I do not believe Amazon is taking reasonable measures now in doing their job, and that they should be working towards that goal, reasonable measures as opposed to NO measures. /r -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users