Port blocking last resort in fight against virus

McBurnett, Jim jmcburnett at msmgmt.com
Wed Aug 13 12:26:03 UTC 2003



>So give up trying to control the actions of the end nodes by
>destroying the edge. Make sure that complaints reach the correct
>responsible person. Limit your involvement to careful excerpts from
>your customer/IP-address database, or better yet, register them in
>the RIR registry so that others having complaints can reach them
>without wasting your time.

Interesting concept...
MY upstream disagrees.. They, who shall remain nameless at this point,
are doing a horrible job at policing their other customers, refuse to 
SWIP the block to me claiming they are working on it (been a year now), 
and they feel they need to know about whatever complaints they 
get about me.

HMM, if they have gotten complaints, then I haven't gotten any!!
And I have complained about other customers and never seen a fix..
One system was Code Red infected and had no FW, after a few weeks, 
I tracked them down and called them myself, and got told that 
<ISP> never called them!!!
(I reported it 5 times)

This is a great idea, but I very much doubt that most ISPs will even do it.
And if ISPs did this.. NOTE the spammers, they would always lie about 
WHOIS, RWHOIS, contact info...

I dunno, there is no perfect solution here... Except, as a community 
we need to enforce RIR policies and actually enforce our own AUPs.
(NO shots being fired here, but as we all know some ISPs' AUPs are like
a law-- only affect the good citizen and not the high $ customer)

just my 2c worth..
J


