Policies affecting the Internet as a whole - Hitting where it hurts

Chris A. Icide chris at nap.net
Fri Dec 27 15:47:25 UTC 1996

There is a certain individual at a certain ISP in the .ro domain.  I
have yet to determine if this user is the owner of said ISP or if they
are but a user.  As it may be, this person has been responsible for
many hacking attempts, including the destruction of several UNIX
systems (rm -rf* after gaining root) in other ISP's.  The person is
also suspected to have been an initiator of Severl damaging SYN
attacks, although the only solid proof is of the UNIX hacking.

Anyway, to get to the point, I along with several others have been in
contact with the ISP, which is aware of the individual's activity and
refuses to deal with those activities since "there are no laws affecting
his use of our system in this manner, and we have no recourse."  So,
my question to you folks is, would something like the intentional black
holing of the source network for this user (he apparently sources all
attacks from one swamp Class C address) be an appropriate incentive
to the ISP to deal with the problem?  If so, where would be a good place
to announce such measures, their goal, evidence, etc?  I can see how
such a thing could easily get out of hand if it's not taken seriously.

Chris A. Icide
Nap.Net, L.L.C.

More information about the NANOG mailing list