Policies affecting the Internet as a whole - Hitting where it hurts

Fri Dec 27 19:53:09 UTC 1996

On Fri, 27 Dec 1996, David Schwartz wrote:

> 	I think a list of sites that refuse to deal with troublemakers
> (with details) would be extremely useful. If people want to use it to
> blackhole traffic, that would be their decision.

Ok. I nominate UUNet to be the first on the list. (No, this isn't a UUNet
flame, read on.)

Recently one of their customers decided the incoming directory on our FTP
server would be a good place to start a warez site. We mailed help at uu.net
and noc at uu.net. Our mail included the src IP address and the times that
the uploading of the warez occurred. They were fairly quick to respond
with UUNet's policy on these matters. Basically they will only take action
when told to do so by a law-enforcement agency.

Ok, fine. I understand that they have to protect their interests and that
there are legal implications to all of this. I tend to agree that this
position is the safest one to take.

This raises important issues, though. What do we expect providers to do?
Do we expect them to take action based on email received from
unknown people? It seems from some of the other posts on this topic that 
we do expect that.

Getting back to the post that started this thread, the culprit appears to
be from Romania. Since we've all read _The Cuckoo's Egg_, we know that
getting anything done about international cracking is very difficult (or
has this changed?). So it is a catch-22. I think very few people on this
list have the time/resources to pursue prosecution for attacks, unless the
attacks are extremely damaging (ie you can prove to the authorities that
it cost you a LOT of money). Yet, just letting this stuff slide by is not
only frustrating, it does nothing to solve the problem.

I think if you are getting attacked from a specific IP or block of IPs,
you have every right to filter those packets. I question the prudence of a
'blacklist', though.

Just some random thoughts...

-BD