Wake Up! (was: spamspamspam)

Tue Nov 12 16:48:59 UTC 1996

	I don't advocate or tolorate this either.

	It was meant as a joke.

	We now return you to the non-flaming, nanog list... :-)

	- Jared

David Stoddard graced my mailbox with this long sought knowledge:
> Jared Mauch writes:
> > 	gcc sources aren't as bloated as emacs sources.
> > 
> > 	What you need to do is find a way to send the mimed sources to
> > someones text pager.  Either that, or uuencoded to their pager.  Then
> > build a compiler on the pager and put emacs on it.
> > 
> > 	- Jared
> 
> 	So, as a "responsible" ISP, you advocate denial of service attacks?
> 	You are either incredibly naive or intensely stupid to advocate
> 	that position.  Is that how you want people to deal with you when
> 	your customers violate your AUP?  I really want to hear your
> 	justification for mail bombing ... maybe you have one for SYN attacks
> 	too?
> 
> 	Frankly, there is NO valid reason for ANYONE to retaliate in this
> 	manner.  As an ISP, if you have a customer that spams someone, you
> 	get flooded with hate mail -- this mail continues long after you
> 	have wiped the abuser out of your system.  But in the event someone
> 	decides to mail the source to Linux 1000 times to your server,
> 	copying abuse, root, postmaster, and support, they kill off your
> 	entire site, denying thousands of innocent users Internet access.
> 	The number of hours I have wasted over the past four years chasing
> 	down hackers and mail bombers has been a real pain.  I have ZERO
> 	tolerance for this behavior.
> 
> 	If someone mail bombs my site, I will do everything in my power to
> 	track them down and have them put in jail.  Mail bombers are criminals.
> 	If you are mail bombed and have the mail logs, here is a good place
> 	to start in your efforts to prosecute the bastards: The FBI Computer
> 	Crime Squad in Washington, DC -- 202-324-9164 -- ask for Rich Ress.
> 	If the mail bombing is continuous, you can get a court order to
> 	have the FBI seize their equipment in a few hours.  You may want to
> 	to to the federal prosecutor in your jurisdiction too.
> 
> 	If you provide access to military bases, you are in an even better
> 	position to nail these folks.  And be sure to file civil suit against
> 	them too.  If they respond to the suit, you can get them to spend
> 	thousands of dollars in their civil defense (not to mention their
> 	criminal defense).  If they don't respond, you can file liens on 
> 	everything they own.  I also find it useful to dispatch a press
> 	release in the home town of the hackers, identifying them and the
> 	details of the crime and its investigation.  Call the TV stations
> 	in their area too -- the local news loves to report on high-tech
> 	crime.
> 
> 	In the event the hackers are international, you can filter their
> 	IP addresses and notify their upstream providers that the filters
> 	will remain in effect until they can provide assuarance that the
> 	threat has been eliminated.
> 
> 	As a community, we need to slam hackers as hard as we possibly
> 	can.  As individual companies, we have very little to fight them
> 	outside of the means listed above.  But collectively, we could
> 	black list rogue sites using IP filtering.  I think that hackers
> 	would consider things twice if they knew they were about to lose
> 	connectivity to half the world because of their actions.  I am
> 	interested in what the other folks think about this too.  The
> 	time for complacency on this issue is over.
> 
> 	Dave Stoddard
> 	US Net Incorporated
> 	301-572-5926
> 	dgs at us.net
>