-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Not in the habit of responding to my e-mail, but... On Sat, Dec 13, 2008 at 12:29 AM, Paul Ferguson <fergdawgster@gmail.com> wrote:
On Sat, Dec 13, 2008 at 12:22 AM, James Hess <mysidia@gmail.com> wrote:
An in-depth strategy with hundreds or thousands of factors examined results in a smaller (but still present) possibility of the filter/detector being fooled.
IP-based methods can be combined with the other stronger analysis of transaction details and other info that can be gathered about a submitter for detection of attempted abuse.
Personally, I don;t NANOG is the proper forum for this discussion.
There are other forums, however, which do follow these issues -- some public, some private.
If folks think that people are not "doing" massive correlation of criminal activity on the Internet, they would be mistaken.
The point I am trying to make here is that ISPs should much more engaged in this entire process. In the not-so-distant past, I have tried to engage the ISP community (via NANOG, at NANOG meetings) to get involved in the fight against cyber crime, with lackluster response -- unfortunately. If this problem is ever going to get reduced to a manageable level, ISPs must play a critical role -- one which they have not been willing participants to this day. ISPs have been (one of) the missing links here. Of course, there are very responsible ISPs out there who handle these issue when they are brought to their attention, and they deserve kudos -- but unfortunately, they are are in the minority. This community should be asking itself why that is... and figuring out way to deal with it responsibly. $.02, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFJQ3Xpq1pz9mNUZTMRAuloAKDydG8eb0Le53iKzgLdVYzFi/LQ8ACfY9GA 5wqCM9bn9baQnBARNNRIb0Q= =mzwy -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/