Hi Shimi,
The policy that I would expect is:
1. Possibly requiring licensed ISP's to offer extended anti-cyber-attack
protection, for an extra price.
2. Requiring licensed ISP's to provide a specific basic level of cyber
security as part of every offering.
3. Requiring reporting of cyber attacks that pass some level of damage
or persistence or that can be identified as originating with a particular
organization to a national information center.
4. Requiring on-line financial services and other specified services to
implement specific security policies.
It's clear that the country is under concerted attack. I also know that
*something* is being done or at least discussed at the national level.
What appears to be lacking is protection for the smaller organizations and
service providers.
- yba
On Sun, 27 Jan 2013, shimi wrote:
Date: Sun, 27 Jan 2013 08:33:50 +0200
From: shimi <[email protected]>
To: Jonathan Ben Avraham <[email protected]>
Cc: ILUG <[email protected]>
Subject: Re: [OT somewhat] DDOS attacks, where to report?
On Sun, Jan 27, 2013 at 1:54 AM, Jonathan Ben Avraham <[email protected]> wrote:
On Sun, 27 Jan 2013, shimi wrote:
Date: Sun, 27 Jan 2013 00:30:02 +0200
From: shimi <[email protected]>
To: Jonathan Ben Avraham <[email protected]>
Cc: ILUG <[email protected]>
Subject: Re: [OT somewhat] DDOS attacks, where to report?
On Sat, Jan 26, 2013 at 11:39 PM, Jonathan Ben Avraham <[email protected]> wrote:
This is not true in general under Israeli law, as I have found out myself from
unfortunate personal experience. See
http://he.wikipedia.org/wiki/%D7%90%D7%99_%D7%9E%D7%A0%D7%99%D7%A2%D7%AA_%D7%A4%D7%A9%D7%A2
This law is about telling the authorities about a CRIME THAT IS GOING TO
HAPPEN, that you know about, so that the authorities can stop the criminal
PRIOR to the act of crime.
Unless you claim the ISP KNOWS that a DDoS will happen (in the future) to the
customer (they can't possibly know. like I've already said - chances of
catching the source behind a DDoS are almost nil) - I personally find it
difficult to
understand
why you think this law is relevant on our case...
Hi Shimi,
This law is in fact applied to ongoing crime as well as futire crime. It's not
enough that you know someone has been trafficking Ukrainain girls for two years
already to exempt you from reporting it if you find out about it.
This is not an ongoing crime. Your friend server is offline, the attacker
noticed and stopped bombarding. ISP is happy. That's the reason they
disconnected your friend at the first place - they knew their infrastructure
will no longer be attacked
when they do. This is the reason why people DDoS in the first place! Because it
works...
Also, not even sure that this is called a crime that happens within
the borders of Israel. After all, the attacker, and his 'associate' computers,
are all (for the lack of better knowledge) outside the borders of Israel when
this happens. Again,
the Israeli police (or Government) has no jurisdiction over the
whole Internet...
It's is enough for the victim to be affected in Israel for it to be a crime in
Israel.
This may be true (I don't know our law. it was more of a quandary). Still,
jurisdiction over the entire Internet, not located in Israel? That's not simple!
I think it is time for me to quote from the Serenity Prayer:
"God, grant me the serenity to accept the things I cannot change, The
courage to change the things I can, And wisdom to know the difference."
Of course, I wish your friend luck if he opts to pursue this
anyways, with the hope for: a) any sort of success, and b) that he won't waste
so much time/money on his attempts...
I'm wondering if there isn't a public policy initiative that we should be
pushing, perhaps through ISOC-IL. I mean, I'm all for prayer, that's necessary,
but sometimes concrete action is required. The problem here is that some small
players
are getting soaked disproportionately for the county's wars.
I already asked and couldn't see your answer, so I will ask again: What actions
do you want your government to do against the computers in China, North Korea,
or Arab countries? Please elaborate. Don't just say that 'someone needs to do
something'
- tell us what can they do that they don't, that would help in situations like
this... also tell us what should they do after they somehow made 20,000
computers clean, just to realize that in a keystroke, the attacker infected
20,000 other
computers, and all what they, basically had no influence whatsoever.
b.t.w. why are you so sure that those are "country's wars" ? Running an
innocent IRC server is very likely to get you DDoS'd too. A decade ago, DALnet, the
biggest IRC network users-wise (AFAIK), had been on netsplit more time than not, because
someone DDoS'd them. For months. The network lost servers because ISPs that
donated them didn't want the headache - their legitimate business got hurt. The
network never recovered. At the top they had > 100k users online globally. This
second the
number is 12,727 users. Israel was not a side...
Your friend got DDoS'd because he got DDoS'd. The country he lives at had nothing to
do with it. Unless of course he hosted specific websites that made people angry. If
that was the case, it was his war, not the country's. "Sof Ma'ase,
Be-Machashava Techila"...
-- Shimi
--
EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- [email protected] - tel: +972.2.679.5364, http://www.tkos.co.il -_______________________________________________
Linux-il mailing list
[email protected]
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
