On 3/13/11 7:41 AM, William Pitcock wrote:
well, they should care. if a customer is compromised and ddosing, it costs the provider money (additional traffic being pushed bringing your 95% closer to your commit levels or possibly causing an overage to be incurred.)
by doing nothing it may wind up costing them something - even if they can make the money back by passing the overage onto the customer, there is a high likelyhood that the customer will just jump ship and not pay the invoice and go elsewhere.
william
In the case of a DoS, a call to the legal dept of the ISP might do the trick. One successful lawsuit against a provider for knowingly allowing their customers to DoS/DDoS would certainly change alot of attitudes about the value of an abuse desk. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org