On 11-Jul-2001, Dan Hollis wrote:
On Thu, 12 Jul 2001, Hank Nussbacher wrote:
Convince me why a list of non-cooperative ISPs is a thing that would help.
behavior modification is sometimes achieved by bad PR.
They might blow off some individual isp, "eat your pingflood, we will shut down our smurf amps when we feel like it". I would imagine their attitude might change when reporters start calling, "when are you planning on shutting down your 10mb/s smurf amps?"
I've created a yahoo group for this type of purpose. It can be found here: http://groups.yahoo.com/group/dos_reports The goal of this group is to provide a medium for sharing information about DoS attacks. This includes current attacks on your network, a phonebook with ISP contact information, reporting ISP cooperation levels, etc. The quality of this tool is dependent upon the quality of the members. Please bear this in mind when posting. Please do not send single line remarks about someone else's comments, or generally be unhelpful. I've seen too much of that on this list. This tool is not to replace the function of the NANOG list, but to provide organized data that can easily be parsed and used. We all know that many large ISPs are uncooperative when dealing with DDoS attacks and responding to complaints. Well, a public forum with peer review might help this situation. If you want things to change you have to take action. Please participate in this first small action toward a solution. Any comments or suggestions are welcome. If you have some documentation to add, or anything send it my way. Thanks, Jon