On 7/12/04 12:33 PM, "Michel Py" <michel@arneill-py.sacramento.ca.us> wrote:
Some peering contracts specify that behaviors that endanger a network or its users allow for immediate disconnection. Its a bit of a stretch to invoke this for a spyware site.
I think you could find a few experts that could argue that malware in general, and CWS in specific, has no reached the point where it is entirely reasonable to classify it as endangering the users of the network. Anyone who has dealt with a variant of CWS for which a remover was not available will tell you how much trouble it causes, rendering systems unusable until you find the magic combination, reimage the system, or wait until someone else figures out the variant. One wrong turn probing it can render a machine unusable until it's reloaded. In the meantime, let's at least blackhole all their IPs on our networks. One way to reduce malware is to reduce the benefits of creating and distributing it. Another way is to find the people benefiting and stringing them up in the town square. DS