On Thu, 12 Jul 2001, Mitch Halmu wrote:
On Thu, 12 Jul 2001, Brad wrote:
However, the problem here is not-so easy to take care of on the provider(s) end. I tend to see this problem more-like open-relay issues. A open-relay SMTP server is just-as much a pain in the rear as a compromised windoze box (if not more) and we have several ways to combat open-relay issues currently through various testing and filtering systems.
No kidding? Your somewhat twisted "re-education" approach finds it perfectly normal to liken an illegal hacker activity (DDoS) with a perfectly legitimate business operation of an ISP, for the "crime" of simply having an open relay SMTP server.
Well, I happen to think that communications blackholing enterprises such as the one run by former Abovenet boss Dave Rand and Metromedia employee Paul Vixie are to be likened to denial of service attacks.
There should be no question that the guilty party is the actual hacker or spammer. If the legal system doesn't provide ISPs adequate protection under current laws, then new ad-hoc laws should address the problem.
--Mitch NetSide
Mitch- My post is not intended to get in a war about open-realy issues, but to rather put it in perspective from how *I* view the problem. I certainly think that a compromised or insecure machine should be addressed and the legal issues of hosting such a machine due to clear negligence of a problem which can (and does) cost other people a *lot* of money in damages or 3rd-party fees is a concern that any legitimate business-owner should be aware of. Furthermore- I am attempting to find a way to stop DDoS attacks without legal action (though- it should be taken also) and this seems to be the best way (so far). I am open to suggestions you may have to reduce/stop DDoS attacks as they happen. --- Brad Baker Director: Network Operations American ISP brad@americanisp.net +1 303 984 5700 x12 http://www.americanisp.net/