At Friday 03:24 PM 1/14/00 , J.D. Falk wrote on NANOG:
Unfortunately, ORBS does not allow for people who DO know about relays, and DO close them, and don't want to be scanned anymore. In the ORBS world, that simply isn't an option.
That's where most of the sane anti-ORBS sentiment comes from.
("Sane" obviously does not include folks who actually do have open relays.)
People who object to their networks being scanned for SMTP vulnerabilities on occasion (with an interval that ranges from a couple of weeks to a couple of months) have something to hide. They are hiding incompetency, management failure, corporate idiocy , Dilbertism and most of all: financial interests that have managed to completely corrupt any dedication to providing secure, stable and responsible service on the Internet. Some people have apparently forgotten that the Internet does not work without consensus and respect for other entities making up the network as a whole: Those who violate principles of responsible networking morally forfeit any claim of protection under the same principles. Given that there is NOTHING they can (or would want to) do about random port scanning originating from throw-away dialup accounts or compromised *.edu machines, trying to erect a barrier against single, well-known entities that have a clear published agenda is completely dishonest, with a motivation clearly founded in a desire to cover up things mentioned in the first paragraph (above). Who would think of ORBS' agenda to be that of, say: a 13-year old hacker-wannabe from Pigs Knuckles, Idaho, who has hacker bragging rights on the school yard ? Pick who you want to block, and with what motivations. I have sent the following to he SMTPABUSE list earlier today, in the context of Bugtraq's co-located server (in above.net's network) getting ORBS-listed due to above.net apparently null0'ing all traffic to/from the network ORBS is located on. -----------SNIP-------------- At Friday 12:05 PM 1/14/00 , Bill Maloy wrote:
The following is a reason for not using the ORBS list.
Slight mod: "The following is an example of why anyone using the ORBS (or ANY blacklist, for that matter) should be prepared to whitelist specifics servers at a moment's notice."
above.net has several hundred open relays (?!) in the netblock which is blocking the ORBS tester.
See <http://www.orbs.org/above.net.txt>
-- Bill Maloy (brm4)
Or more figuratively: the landlord (above.net) directly acknowledges the occasional presence of a bunch of drug dealers using apartments (web servers in their rackspace) in his buildings without the tenant's (web housing and co-lo customers) or his consent (spammers abusing open relays on occasion) for their illegal activities by trying to prohibit his friendly neighbors (ORBS) from reporting about these deplorable conditions to the rest of the public and prohibiting said friendly neighbors to enter his buildings to occasionally check on tenants deliberately aiding and abetting (or doing so by failure to leave their doors locked, which is technically gross neglect) such illegal activities. Meanwhile, the criminal element using the property continues to go about its business, and the landlord apparently cares little that the "No Trespassing" sign is routinely ignored, and tenants routinely compromise security for themselves and their neighbors, as well as the rest of the community. This is setting vast precendents. Precendents that work in the friendly neighbor's favor, I have to add, and to the detriment of the landlord: - In the US, the government takes away property from neglient owners who ignore illegal activity connected or happening on their property, especially if they were informed about this (I think a few 1000 mails to abuse@ is undeniable notice). Needless to say that people have lost their property even if they truly knew anything about it . (Thank you for Civil forfeiture, part of the War on Drugs^H^H^H^H^HEverybody, Ronnie. we'll spit on your grave soon enough). - People get summoned and fined for leaving their cars unlocked, too, as the law recognizes that in order to protect the public from joyriding kids, insurance scams and rampant auto theft, an owner has to secure his vehicle, even if it poses just a minor hurdle for professional criminals. And to top this off with another analogy: As far as I am concerned, above.net is like a parking lot with a 3-inch fence, with a large number of vehicles unlocked and the keys in the ignition. Ready to rumble, I'd say! Compare this to the vast majority of car owners in urban areas who secure their vehicle with alarm systems and "The Club" <tm>. What will *you* steal for fun and profit ? ------------SNIP---------------- Yeah, someone reacted to this post, which had a Cc: to abuse@above.net, via private email. While that reaction is certainly personal, rather than an offical reaction by Above.net , I am quite surprised by the mind-bender of putting ORBS on the same footing (see analogy above) as thieves running around the parking lot, testing doors and then making off with the cars. ORBS may rattle doors, but its for control purposes only. Kind of like your insurance claims adjuster finding your Jaguar unlocked in front of your house: he isn't driving off with it, but he will revoke your theft coverage, then go on to make a factual entry into insurance carriers' shared databases that will subsequently prevent you from getting theft coverage with any other insurance. True and tried methods in the credit reporting and insurance industries. No more secrets. bye,Kai -- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath