Policies affecting the Internet as a whole - Hitting where it hurts
hannan at UU.NET
Fri Dec 27 20:49:53 UTC 1996
Did you contact a law enforcement agency? Did we comply with
It seems that you are asking for vigilantism, not cooperation.
] On Fri, 27 Dec 1996, David Schwartz wrote:
] > I think a list of sites that refuse to deal with troublemakers
] > (with details) would be extremely useful. If people want to use it to
] > blackhole traffic, that would be their decision.
] Ok. I nominate UUNet to be the first on the list. (No, this isn't a UUNet
] flame, read on.)
] Recently one of their customers decided the incoming directory on our FTP
] server would be a good place to start a warez site. We mailed help at uu.net
] and noc at uu.net. Our mail included the src IP address and the times that
] the uploading of the warez occurred. They were fairly quick to respond
] with UUNet's policy on these matters. Basically they will only take action
] when told to do so by a law-enforcement agency.
] Ok, fine. I understand that they have to protect their interests and that
] there are legal implications to all of this. I tend to agree that this
] position is the safest one to take.
] This raises important issues, though. What do we expect providers to do?
] Do we expect them to take action based on email received from
] unknown people? It seems from some of the other posts on this topic that
] we do expect that.
] Getting back to the post that started this thread, the culprit appears to
] be from Romania. Since we've all read _The Cuckoo's Egg_, we know that
] getting anything done about international cracking is very difficult (or
] has this changed?). So it is a catch-22. I think very few people on this
] list have the time/resources to pursue prosecution for attacks, unless the
] attacks are extremely damaging (ie you can prove to the authorities that
] it cost you a LOT of money). Yet, just letting this stuff slide by is not
] only frustrating, it does nothing to solve the problem.
] I think if you are getting attacked from a specific IP or block of IPs,
] you have every right to filter those packets. I question the prudence of a
] 'blacklist', though.
] Just some random thoughts...
More information about the NANOG