--- Alain Hebert <ahebert@pubnix.net> wrote:
Is it just me or the level of spam coming from ASIA (region) has just increased 10 fold in the past week?
(snip) it comes and goes like the wind, and the tides.
I could see Peer stopping annoncement of the routes of ISP's that do not comply with abuse (I mean high volume of abuse here) after 12h...
Much as I would like to see an ISP level response about security issues/spam/foo pollution on the internet, I am not in favor for the balkanization of the internet. We know that those people with OWNED boxes (via virus,bot, or layer 8) take up a large amount of bandwidth (relative to revinue), and therefore add expenses to an isp. Smart people know this. The people on the list know this. Stopping inbound packets except for Common Well Known Services, might be a good option for an isp to add, BUT that takes up a lot of router CPU. That does not do the rest of us any good at this point, people will pollute until trashing the environment _ becomes inconvenient _ for them. A way to make things inconvenient, is to not allocate any more ip addresses to historical polluters (or ipv6 only). If this is done at the arin/ripe/apnic/etc level, I believe that problem children will find it in their best interest to start putting outbound filters in place, and getting rid of people who can not be bothered to manage their own machines. The data is in place right now http://isc.incidents.org/source_report.php You can drill down to an ip address, such as http://www.dshield.org/ipinfo.php?ip=024.000.003.075 http://www.dshield.org/ipinfo.php?ip=221.004.061.168 increasing the level of reporting so that common pollution, such as port 1025-1030, 135,445, etc would be pretty easy. Perhaps a BOF at NANOG Dallas might be in order.
Or why not having the registrar blackhole the domain if the abuse level gets too high?
Then you only have no DNS, that does not stop a port scan/spam spew. This is not a problem limited to a region of the world, stupidity is a planet wide illness. ( and I am guilty of being ill from time to time) -charles Pick two: good, fast, or cheap. (fixed scope,fixed timeframe,or fixed budget) (Elegant, documented, on time)(Privacy, accuracy, security) (Have fun, do good, stay out of trouble)(Study, socialize, sleep)(Diverse, free, equal)(Fast, efficient, useful) (Cheap, healthy, tasty)(Secure, usable, affordable) (Short, memorable, unique)(Cheap, light, strong)