Extreme spam testing

Andy Dills andy at xecu.net
Mon Dec 22 21:55:49 UTC 2003


On Mon, 22 Dec 2003, Chris Brenton wrote:

> >  If we have a single entitity that does all
> > this scanning, we as individual entities do not need to scan ourselves.
>
> This is going to sound really snippy, but who died and made then
> god/goddess of the Internet? Where is the document trail empowering them
> to be spam cops of the Internet with absolute authority to probe who
> ever they see fit?

This is a can of worms with no answer. Who gives authority to IANA for
that matter?

We're dealing with protocols, not laws. If you don't like X persons
traffic, you have 100% authority to filter it. That's the sole authority
on the internet.

You'd be hard pressed to frame what NJABL does in terms of "abuse",
because of the intent, and because of the actual bit volume involved.

Since you can't call it abuse, NJABL's upstream has no reason to swing the
abuse hammer. (We all know it's hard enough to get many networks to swing
any sort of hammer at all, even for significantly more egregious
behavior.)

Since you can't convince their upstream to swing the abuse hammer, you
have two options:

1) Filter the traffic
2) Not filter the traffic

For the simple reason that there IS no central authority on the internet
who CAN decide what flys and what doesn't, grumbling on a mailing list is
about as far as one can go in response.

> Humm. This is something I have not run into before. Can you supply a URL
> that explains how to relay mail though a Telnet or RADIUS server?

No, but I can supply a URL that explains how to change the port that proxy
servers bind to. I don't think you actually need that, though.

You really think people who professionally hack servers and setup spam
relay proxies put them on the standard ports?

> LOL! I see, this is my fault because I actually take steps to secure my
> environment. ;-)

No, but it is your fault for overreacting to your IDS.

Security doesn't require an IDS. An IDS merely tells you who's checking
your doorknobs to see if they're locked. If you do a good enough job
keeping your doors locked, an IDS is little more than a touchy doorbell at
3 AM, being tripped by the wind.

Andy

---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---




More information about the NANOG mailing list