RE: Attn MCI/UUNet - Massive abuse from your network
I am not a lawyer. I am not aware of the law that requires uunet to go to court to prevent spammers who are not their direct customers from using their network. Spammers use many differnt means to send their spam. Most ISPs use AUP's to prevent spamming but afaik no isp has successfully sued a spammer and recovered any reasonable percentage of their expenses in fighting this same spam. When that becomes a method to pay for combating spam I am sure most ISPs will pursue it. This is a money issue. NSP/ISP have shareholders who desire a return on their investment. When I notify the abuse team at uunet of a spammer they act promptly shutting down any account that I can show is being used for spam. Chris is a very trusted and active member of the NSP community, to his credit is a detailed document on blackhole filtering one of the primary tools used by other NSP/ISP's for stopping bad traffic. AFAIK he can not authorize legal action against spammers. donald.smith@qwest.com my opinions are mine and do not reflect qwest policy. -----Original Message----- From: Dr. Jeffrey Race To: Smith, Donald Cc: nanog@merit.edu Sent: 6/24/2004 9:40 PM Subject: RE: Attn MCI/UUNet - Massive abuse from your network On Thu, 24 Jun 2004 19:26:10 -0600, Smith, Donald wrote:
Are you offering to finance ISP's legal battles against spammers?
No, it's their network and their legal responsibility to keep it clean. However I did voluntarily prepare a case for Neil Patel to file on behalf of UUNET under the Va computer crimes act, and he refused. I would have been a witness. At this point (esp when he said the matter lay with "Mr Ebbers", who is now up on other criminal charges) it became obvious what was the ethical level of this firm's management. Jeffrey Race
I am not a lawyer. I am not aware of the law that requires uunet to go to court to prevent spammers who are not their direct customers from using
On Thu, 24 Jun 2004 21:39:26 -0600, Smith, Donald wrote: their network. Doctrine of attractive nuisance
----- Original Message ----- From: "Dr. Jeffrey Race" <jrace@attglobal.net> To: "Smith, Donald" <Donald.Smith@qwest.com> Cc: <nanog@merit.edu> Sent: Thursday, June 24, 2004 6:22 PM Subject: RE: Attn MCI/UUNet - Massive abuse from your network
On Thu, 24 Jun 2004 21:39:26 -0600, Smith, Donald wrote:
I am not a lawyer. I am not aware of the law that requires uunet to go to court to prevent spammers who are not their direct customers from using their network.
Doctrine of attractive nuisance
When I worked for IBM back in the '60s, on many occasions during my 7 years there I heard upper management say that they were proud to be with a company that tried to be a "Good Corporate Citizen ". One branch manager had a cube on his desk which had printed on each side the(ir) manifesto of Corporate Social Responsibility.
From the AOL theft article: "The revelations come as AOL and other Internet providers have ramped up their efforts to track down the purveyors of spam, which has grown into a maddening scourge that costs consumers and businesses billions of dollars a year."
Perhaps those Corporate Citizens who can do something to ensure the viability of E-mail, should. --Michael
From the AOL theft article: "The revelations come as AOL and other Internet providers have ramped up their efforts to track down the purveyors of spam, which has grown into a maddening scourge that costs consumers and businesses billions of dollars a year."
Interesting. An insider at a network operator steals a copy of some interesting operational data and sells it to a 3rd party with an interest in doing nasty things with said data. And if Homeland Security really does require all outages to be reported to a clearing house where only network operations insiders can get access to it, then what? Will someone sell this to a terrorist organization? Better to leave all this information semi-public as it is now so that we all know it is NOT acceptable to build insecure infrastructure or to leave infrastructure in an insecure state. Fear of a terrorist attack is a much stronger motive for doing the right thing than a government order to file secret reports to a secret bureaucratic agency. --Michael Dillon
Well said sir! Scott C. McGrath On Fri, 25 Jun 2004 Michael.Dillon@radianz.com wrote:
From the AOL theft article: "The revelations come as AOL and other Internet providers have ramped up their efforts to track down the purveyors of spam, which has grown into a maddening scourge that costs consumers and businesses billions of dollars a year."
Interesting. An insider at a network operator steals a copy of some interesting operational data and sells it to a 3rd party with an interest in doing nasty things with said data.
And if Homeland Security really does require all outages to be reported to a clearing house where only network operations insiders can get access to it, then what? Will someone sell this to a terrorist organization?
Better to leave all this information semi-public as it is now so that we all know it is NOT acceptable to build insecure infrastructure or to leave infrastructure in an insecure state. Fear of a terrorist attack is a much stronger motive for doing the right thing than a government order to file secret reports to a secret bureaucratic agency.
--Michael Dillon
Has anyone noticed that the DHS plan is probably closer to the current status of things than the FCC one is? AFAIK, Currently this information _isn't_ required to be publicly reported. The FCC wants it to be. DHS would prefer that it be semi-public at best - just like Michael Dillion wants. Three options: 1. Status quo - no gov't reporting requirements 2. FCC proposal - completely public reporting requirements 3. DHS proposal - limited access reporting requirements Food for thought: Could an analyst, looking at outage reports over a period of time, build a schematic that would demonstrate that if you took out n points, you'd kill x% of data traffic in and out of $pickyourmetropolitanarea? If this analyst were working for Bin Ladin.... Some ad hoc terrorists, in a country crawling with US troops, with a communications infrastructure nowhere as advanced as the USA just managed to coordinate a multiple bomb attack simultaneously. What could they do here with the right information? Should we hand them this information freely? At least if someone in this "clearing house" sells it to the terrorists, they will have had to work for it a bit, instead of having us hand it to them on a silver platter, as the FCC seems to want. Let the flames continue. ** Reply to message from Scott McGrath <mcgrath@fas.harvard.edu> on Fri, 25 Jun 2004 11:22:51 -0400 (EDT)
Well said sir!
Scott C. McGrath
On Fri, 25 Jun 2004 Michael.Dillon@radianz.com wrote:
From the AOL theft article: "The revelations come as AOL and other Internet providers have ramped up their efforts to track down the purveyors of spam, which has grown into a maddening scourge that costs consumers and businesses billions of dollars a year."
Interesting. An insider at a network operator steals a copy of some interesting operational data and sells it to a 3rd party with an interest in doing nasty things with said data.
And if Homeland Security really does require all outages to be reported to a clearing house where only network operations insiders can get access to it, then what? Will someone sell this to a terrorist organization?
Better to leave all this information semi-public as it is now so that we all know it is NOT acceptable to build insecure infrastructure or to leave infrastructure in an insecure state. Fear of a terrorist attack is a much stronger motive for doing the right thing than a government order to file secret reports to a secret bureaucratic agency.
--Michael Dillon
-- Jeff Shultz A railfan pulls up to a RR crossing hoping that there will be a train.
Food for thought: Could an analyst, looking at outage reports over a period of time, build a schematic that would demonstrate that if you took out n points, you'd kill x% of data traffic in and out of $pickyourmetropolitanarea?
If this analyst were working for Bin Ladin....
Yes an analyst could do this. Our job is to make sure that he can't get a very large x% without also requiring a large investment in n attack points. Consider bin Laden's organization in 2000. They had a plan to commandeer 10 airliners and attack 10 targets in the USA including things like the CIA headquarters. Resource constraints caused them to back off to 4 targets. We already win because the targets are not all in the same city block. Next, the attack day arrived and the 4 teams went to work. But only two of them achieved 100% objective. One team failed entirely when they lost control of their weapon. And the third team hit a glancing blow to the target that damaged less than a fifth of the building. And it turned out that they hit a less critical part of the Pentagon as well. This is a typical result of a military or terrorist operation. It is very hard to plan and execute 100% effective coordinated attacks against a large number of targets. On 9/11 the terrorists had no problem making 4 big booms and getting attention. But they missed the Whitehouse entirely and only did minor damage to the military headquarters. Remember, that packet switched networking originated with the desire to build a telecom network that could survive massive destruction on the scale of a nuclear war, but continue to function. If we apply that kind of thinking to planning network deployment then there should be little extra risk from terrorist knowing where the vulnerable points are. Spread the risk by spreading the vulnerable points.
Some ad hoc terrorists, in a country crawling with US troops, with a communications infrastructure nowhere as advanced as the USA just managed to coordinate a multiple bomb attack simultaneously.
Iraq currently has a cellphone network that is more advanced than the USA, i.e. it's all GSM. But in fact, all they really needed to pull this off was a quiet pub and some accurate watches that could be synchronized prior to the attacks. Better go back and watch those old spy movies again... --Michael Dillon
** Reply to message from Michael.Dillon@radianz.com on Fri, 25 Jun 2004 17:12:45 +0100
Remember, that packet switched networking originated with the desire to build a telecom network that could survive massive destruction on the scale of a nuclear war, but continue to function. If we apply that kind of thinking to planning network deployment then there should be little extra risk from terrorist knowing where the vulnerable points are. Spread the risk by spreading the vulnerable points.
I thought the old "nuclear survivable" argument was killed off years ago - I seem to rember it being refuted in "Where Wizards Stay Up Late." Packet switched networking originated with a desire to see if it would work.... And you are welcome to assume the expense of spreading the vulnerable points. -- Jeff Shultz A railfan pulls up to a RR crossing hoping that there will be a train.
jeffshultz@wvi.com wrote something like:
Some ad hoc terrorists, in a country crawling with US troops, with a communications infrastructure nowhere as advanced as the USA just managed to coordinate a multiple bomb attack simultaneously.
I just got back from lunch at the Wok Inn (Morrill's Corner, in scenic Portland), where a fortune cookie museum has been added to educate the stand-and-waits like me. In the 13th century the dynasty established by Ghengis Khan was overthrown by a synchronized distributed program. The synchronization mechanism was "on date/time execute plan", and the distribution mechanism was moon cakes. This whole thread is wierd. A tunnel in Baltimore isn't exactly a big secret anymore, and we did cover this (knowing, unknowing, and mechanism considered harmful) in the RAVEN list that lead up to rfc2804. Oh, the "crawling with US troops" line of thought is wicked wrong. For the few who care, point a browser at juancole.com from time to time and read a week or so of content. Cheers, Eric
participants (7)
-
Dr. Jeffrey Race -
Eric Brunner-Williams -
Jeff Shultz -
Michael Painter -
Michael.Dillon@radianz.com -
Scott McGrath -
Smith, Donald