Nato warns of strike against cyber attackers
J. Oquendo
sil at infiltrated.net
Tue Jun 8 20:27:20 UTC 2010
Jorge Amodio wrote:
>> None of this needs to be done for free. There needs to be a "security
>> fee" charged _all_ customers, which would fund the abuse desk.
>>
>
>
>> With more than 100,000,000 compromised computers out there, it's really
>> time for us to step up to the plate, and make this happen.
>>
>
> Or you should send the bill to the company that created the software
> that facilitated to get so many computers compromised, some folks in
> Redmond have a large chunk of money on the bank.
>
> My .02
>
>
>
Seems like it's come full circle again
(http://irbs.net/internet/nanog/0412/0109.html) and I can always recall
Rob Thomas' take on this (http://irbs.net/internet/nanog/0412/0222.html)
"Filtering out bogons removes yet one more potential source of badness.
Does it remove all badness? Of course not. We win by degrees. Removing
any tool from the bad persons' toolkit is useful." Not forgetting Mark
Andrews "Any operator not implemting BCP 38 is potentially aiding and
abetting some criminal. BCP 38 is over 10 years old. There is no excuse
for not having equipment in place to handle the processing needs of BCP 38."
ISP's could actually offset the charges to customers with helpdesks to
re-coup some equipment costs while maintaining a clean network. As for
the "blame the software" comment, irrelevant. If bad hosts were
minimized, there would likely be less compromises irrespective of the
vendor of the software. Statistically I would think the number of
compromises would go down but at the same time I believe the criminals
would get smarter. That's just the nature of the beast.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
More information about the NANOG
mailing list