RoadRunner is such a network. Send them an incident report from tcp_wrappers its not enough they want system logs that don't exist. they basically ignore reports of break-in attempts. More like the Korean networks in that respect. And of course there are several .jp domains that can't be bothered to lock down their mail relays after being notified. Most of the break-in attempts on my server come from .kr and from roadrunner. I may well just blackhole the netblocks for .kr, I don't get legit traffic from them. RoadRunner is another matter. Now, if RR was in something like the RBL where suddenly their customers couldn't get to where they want on the net, RR would have to take action. ----- Original Message ----- From: "David Charlap" <david.charlap@marconi.com> To: <nanog@merit.edu> Sent: Thursday, July 06, 2000 7:06 PM Subject: Re: scripts kiddie sites
Karyn Ulriksen wrote:
For my edjumacation, could someone clarify what a scripts kiddie source network as it's being bandied about here is? I can only *assume*, and I try to avoid doing that (not always successfully).
A script kiddie is the most common form of system cracker. He attacks remote systems using scripts and programs that were written by other people. He usually does not have the brains to write his own attack scripts/programs.
I would assume that a "scripts kiddie source network" is a network where the administrators do not bother to investigate reports of system cracking attempts from their network. This effectively gives these crackers a green light to go and attack people, since they know they won't lose their access.
This is in contrast to a responsible network, which will investigate reports of cracking, and will take action against the crackers by terminating their access and/or pressing legal charges.
-- David