To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
The only way to get the ISPs to take action is through legislation forcing them 
to do so. And even then such legislation will only make a big impact if it is 
applied globally. The situation is admittedly rather hopeless...

Some tier ones I have spoken with indicate they are preparing to take proactive 
action because they fear upcoming legislation. Without that they say they just 
don't have budget.

Ken



--
Ken Simpson, CEO
MailChannels Corporation
Reliable Email Delivery (tm)
http://www.mailchannels.com  

-----Original Message-----
From: "James Pleger" <[EMAIL PROTECTED]>

Date: Fri, 21 Sep 2007 20:53:15 
To:PinkFreud <[EMAIL PROTECTED]>
Cc:botnets@whitestar.linuxbox.org
Subject: Re: [botnets] Why ISP's and NSP's Love Botnets


I don't think that ISPs are going to care until there is a business model that 
will make them money(or save it) and not cost them a bunch of money/staff 
overhead.

It costs a great deal to staff an abuse department that knows what they are 
doing, there isn't really any value for the ISP to take down a botted machine 
that is sending spam, unless it is effecting their  core business. 

Just my two cents...

Look at TTNET, they don't do anything about complaints(from what I can tell).


On 9/21/07, PinkFreud <
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > wrote:To report a botnet 
PRIVATELY please email: 
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
----------
On Fri, Sep 21, 2007 at 10:02:32PM +0000, John Fraizer babbled thus:

*snip*

> Again, there is no silver bullet.  It is *NOT* the responsibility of the
> providers to force safe computing down the throat of their customers. 

I disagree with this.  By your reasoning, it's not the responsibility
of the university I work for to make sure students don't put infected
machines on the network (we actually take a very proactive approach to 
minimize the number of 'problem' machines we have on the network).

To go back to your earlier analogy of a user enticing Joe Botherder,
you're right - there's little an ISP can do in that case.  But when 
you're talking about machines actively sending out spam/involved in a
DDoS/etc., then yes, it *is* the ISP's responsibility to do something.

I'm not saying an ISP should be watching everything that goes on on 
it's network at all times.  However, when an abuse department is
contacted about a problem machine on the ISP's network, it is most
definitely the ISP's responsibility to investigate, attempt to contact 
the owner, and as a last resort, pull it off the network.

If an ISP weren't to take responsibility for the machines, who would?
The user?  As you pointed out, that's rather unlikely.  :)

The real question is - what do we do with ISPs which ignore abuse 
reports, like Turk Telekom, RDSNet, or QualityNet?


*snip*

> ~john

--
PinkFreud
Chief of Security, Nightstar IRC network
irc.nightstar.net <http://irc.nightstar.net>  | 
www.nightstar.net <http://www.nightstar.net> 
Server Administrator - Blargh.CA.US.Nightstar.Net 
<http://Blargh.CA.US.Nightstar.Net> 
Unsolicited advertisements sent to this address are NOT welcome.

-----BEGIN PGP SIGNATURE----- 
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG9ILObDkJRSE/3qkRAvtpAJoCkSTQTkG+tDphQYrzadZwGWSRuACfYQY2
NavCqdahxVgjMz3i52jrIUc=
=vobv
-----END PGP SIGNATURE-----

_______________________________________________ 
To report a botnet PRIVATELY please email: [EMAIL PROTECTED] <mailto:[EMAIL 
PROTECTED]> 
All list and server information are public and available to law enforcement 
upon request.

http://www.whitestar.linuxbox.org/mailman/listinfo/botnets 
<http://www.whitestar.linuxbox.org/mailman/listinfo/botnets> 

 To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement 
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets

_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement 
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets

Reply via email to