To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
On Fri, Sep 21, 2007 at 10:02:32PM +0000, John Fraizer babbled thus:


> Again, there is no silver bullet.  It is *NOT* the responsibility of the
> providers to force safe computing down the throat of their customers.

I disagree with this.  By your reasoning, it's not the responsibility
of the university I work for to make sure students don't put infected
machines on the network (we actually take a very proactive approach to
minimize the number of 'problem' machines we have on the network).

To go back to your earlier analogy of a user enticing Joe Botherder,
you're right - there's little an ISP can do in that case.  But when
you're talking about machines actively sending out spam/involved in a
DDoS/etc., then yes, it *is* the ISP's responsibility to do something.

I'm not saying an ISP should be watching everything that goes on on
it's network at all times.  However, when an abuse department is
contacted about a problem machine on the ISP's network, it is most
definitely the ISP's responsibility to investigate, attempt to contact
the owner, and as a last resort, pull it off the network. 

If an ISP weren't to take responsibility for the machines, who would?
The user?  As you pointed out, that's rather unlikely.  :)

The real question is - what do we do with ISPs which ignore abuse
reports, like Turk Telekom, RDSNet, or QualityNet?


> ~john

Chief of Security, Nightstar IRC network |
Server Administrator - Blargh.CA.US.Nightstar.Net
Unsolicited advertisements sent to this address are NOT welcome.

Attachment: signature.asc
Description: Digital signature

To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement 
upon request.

Reply via email to