Hi Eliyahu,
See inlines below.
On Sat, 26 Jan 2013, E.S. Rosenberg wrote:
Date: Sat, 26 Jan 2013 23:22:18 +0200
From: E.S. Rosenberg <esr+linux...@g.jct.ac.il>
To: Jonathan Ben Avraham <y...@tkos.co.il>
Cc: ILUG <linux-il@cs.huji.ac.il>
Subject: Re: [OT somewhat] DDOS attacks, where to report?
Why should the ISP have that responsibility?
They are as far as most of us are concerned not even supposed to do DPI (deep
packet inspection) and without DPI they have almost no way of telling the
difference between a site that is under attack and a site that just posted
something that is so
popular that everyone is going there also effectively DDOS'ing...
Once the user reports the crime to the ISP, does the ISP then have any
responsibility to report the crime, like other crimes?
The responsibility to go to the authorities lies squarly with the victim,
elthough you might expect some good citizenship from the ISP if they signal
illegal activities they still have a very hard time telling the legit from the
illegitimate
traffic.
This is not true in general under Israeli law, as I have found out myself
from unfortunate personal experience. See
http://he.wikipedia.org/wiki/%D7%90%D7%99_%D7%9E%D7%A0%D7%99%D7%A2%D7%AA_%D7%A4%D7%A9%D7%A2
Also ISPs in Israel don't even bother to put virus affected customers in
quarantine where they are blocked from accessing the internet until they clean
their computer(s), something which is fairly easy for them to implement and
very much in the
ISPs interest so why would they do more complicated things like dissecting
attacks?
Not necessarily analyzing attacks, just reporting them.
(I know some of the better ISPs outside of Israel do this)
As far as an example of equipment goes, tweakers.net did a review on an anti
DDOS firewall appliance in 2010:
http://tweakers.net/reviews/1648/riorey-rx1810-how-to-put-a-firewall-through-hell.html
Such an appliance would iirc not be usefull at the ISP level since it utilizes
traffic patterns
Thanks,
- yba
Regards,
Eliyahu - אליהו
2013/1/26 Jonathan Ben Avraham <y...@tkos.co.il>
Hi Shimi,
Thanks.
What I am trying to find out is if there are any Israeli ISP's that
actually offer protection against DDOS attacks and if there is any stated
public policy on such attacks. For example, is there a legal requirement for
individuals or
ISP's to report such crimes as there is with other crimes? Does the
government view the liability for damages resulting from such attacks as a
private responsibility like burglary or fire insurance even when the attack is
committed by
an enemy of the state? Is this written anywhere and is there any
applicable case law? How big or persistent does a cyber attack have to be for
it to be considered a public issue? Or has no one in government ever considered
the question?
- yba
On Sat, 26 Jan 2013, shimi wrote:
Date: Sat, 26 Jan 2013 22:11:24 +0200
From: shimi <linux...@shimi.net>
To: Jonathan Ben Avraham <y...@tkos.co.il>
Cc: E.S. Rosenberg <esr+linux...@g.jct.ac.il>, ILUG <linux-il@cs.huji.ac.il>
Subject: Re: [OT somewhat] DDOS attacks, where to report?
On Sat, Jan 26, 2013 at 10:00 PM, Jonathan Ben Avraham <y...@tkos.co.il> wrote:
But unless your friend shows that he is taking serious steps to
prevent this type of thing in the future no ISP has to allow him onto their
network, there are ISPs that specialize in hosting sites that are prone to being
attacked but the price is
obviously accordingly.
For example?
http://www.prolexic.com/services-dos-and-ddos-mitigation.html
Not a recommendation in any way, just an example.
-- Shimi
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -
_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
