To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ----------
On Fri, Sep 21, 2007 at 10:02:32PM +0000, John Fraizer babbled thus:
*snip* > Again, there is no silver bullet. It is *NOT* the responsibility of the > providers to force safe computing down the throat of their customers. I disagree with this. By your reasoning, it's not the responsibility of the university I work for to make sure students don't put infected machines on the network (we actually take a very proactive approach to minimize the number of 'problem' machines we have on the network). To go back to your earlier analogy of a user enticing Joe Botherder, you're right - there's little an ISP can do in that case. But when you're talking about machines actively sending out spam/involved in a DDoS/etc., then yes, it *is* the ISP's responsibility to do something. I'm not saying an ISP should be watching everything that goes on on it's network at all times. However, when an abuse department is contacted about a problem machine on the ISP's network, it is most definitely the ISP's responsibility to investigate, attempt to contact the owner, and as a last resort, pull it off the network. If an ISP weren't to take responsibility for the machines, who would? The user? As you pointed out, that's rather unlikely. :) The real question is - what do we do with ISPs which ignore abuse reports, like Turk Telekom, RDSNet, or QualityNet? *snip* > ~john -- PinkFreud Chief of Security, Nightstar IRC network irc.nightstar.net | www.nightstar.net Server Administrator - Blargh.CA.US.Nightstar.Net Unsolicited advertisements sent to this address are NOT welcome.
signature.asc
Description: Digital signature
_______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets