From: Bradley Dunn <bradley@dunn.org> Recently one of their customers decided the incoming directory on our FTP server would be a good place to start a warez site. We mailed help@uu.net and noc@uu.net. Our mail included the src IP address and the times that the uploading of the warez occurred. They were fairly quick to respond with UUNet's policy on these matters. Basically they will only take action when told to do so by a law-enforcement agency.
Well, common practice is to have your incoming directory writable but not readable, but, barring that lapse, once you discovered what was going on it was _your_ responsibility to inform the proper authorities with the information you had. Quite a few ISPs have an AUP that states a members account will be yanked upon reasonable proof of illegal or net.unfriendly activities. It is, however, a sticky situation trying to make ISPs net.cops. After weighing the pros and cons, I have to give more weight to the "common carrier" argument. It is _your_ responsibility to protect yourself. Most of us here are more than willing to help you do that, and your time is better spent getting your system setup properly than trying to get another ISP to police their users. If people didn't make it so damn easy to abuse their systems, there'd be a lot less abuse.
I think if you are getting attacked from a specific IP or block of IPs, you have every right to filter those packets. I question the prudence of a 'blacklist', though.
I think you have a right to filter any packets you want, for any ol' reason whatsoever, into _your_ LAN. Just don't presume that any downstream systems may also want to use whatever filtering "algorithm" you come up with. Along the same lines, a blacklist from people or groups I trust (Bush, Vixie, NANOG in general) saves me time.
From: Wayne Bouchard <web@typo.org> where it might be housed so... It would be nice if some group (Hey, wait a minute.. we're something of a group..) could come up with an "Acceptable Use Policy" that people could subscribe to or use as a base for building their own policy. Keeping a list of people who have
This is starting to sound familiar...oh yeah, about ten years ago...FidoNet Policy formulation...I'm in favor of anything that's no longer than and embodies the same spirit as the following: 1.) Thou shalt not be excessively annoying. 2.) Thou shalt not be too easily annoyed. I s'pose we can drop "Thou shalt honor ZoneMailHour" :-)
From: Paul A Vixie <paul@vix.com> we do when our network is congested is: delay it. What we do when we see a large amount of junk in a mail queue that appears to be the result of some automated process gone wild is (listen carefully) expunge it with no notice to anybody.
:-)
On Fri, 27 Dec 1996, jenni baier wrote: So how about a creating a "white"list?
and a reply
From: "Robert A. Pickering Jr." <pickerin@fuse.net> This is a much better approach. Reward those who operate responsibly and in a sense of cooperation. I'd certainly be willing to help on a draft of such a charter.
Yeah, it sounds nice, positive, all feely-good and all that, but think for a nanosecond or so. What you'll end up with is a list of about 95-98% of all ISPs, and while the folks at _Boardwatch_ and other compilers of 'net lists will greatly appreciate your efforts, it's not gonna do those searching for a reputable ISP a whole lotta good.
From: Barry Shein <bzs@world.std.com> [in regard to dealing with spammers, crackers, and other net.miscreants]
Too often when an issue like this is discussed we are all mesmerized by an image of getting a real bad guy.
No, if he's just a plain old jerk, that's ok too :-) ...but...
I'd say around half of the complaints I see range from "there's nothing wrong with that behavior, what's your point?", to "there's
To true, to true.
One gets the feeling that at our current level of sophistication in internet governance no matter what the infraction we'd either ignore it or crush the person's car, mostly depending on which action was more convenient at the moment.
and your point is?...
From: randy@psg.com (Randy Bush) Indeed. We don't neen no steenkin' legal system, we can just hang 'em right here.
Works for me.
Maybe this whole thread could be moved to inet-excess or somewhere?
Actually, I'd like to take it somewhere, and to anyone who's traversed this far into this spew--is there a half-way intelligent discourse going on somewhere that goes into the more social/political aspects of network operation? I realize any such forum is gonna be about 50% flame fest, but as long as there are a few competent tech people to balance out the wild- eyed idealists, liberals, and the other generally clueless, it shouldn't be too bad. _dave_(seemingly obligatory and definitely bandwidth wasting .sig)