Abuse Departments

Sun Oct 12 01:22:25 UTC 2003

After 3 Denial of Service attacks in the last 4 days, I'm beginning to wonder if there should be a standardization of some sort of abuse departments.  Or perhaps if there are some companys that should REALLY THINK (TM) about perhaps installing some.  When my domain is under attack by yours, that means you've done something WRONG, and you need to take care of it, the same as I would if mine is under attack.  How it's even concievable that you can operate without someone that has the authority to act on abuse 24/7 from your AS number's Org-Abuse is inconceivable.

Quite frankly the FBI cares not at all about Denial of Service attacks, because if they did such attacks wouldn't happen.  If I try to break into and cease the abusive actions of these hosts, I am myself committing a felony to defend my site from attack.  They however don't have someone on hand to stop the attacks and quite honestly the damage of not having a connection to the internet isn't expressable simply in monatary loss.  Real change needs to happen as far as accountability across the internet.  If everyone's going to run windows and kiddies are going to have packetnets that extend to millions of hosts, then someone needs to be on call at large consumer ISP's to yank cords when their customers boxes get compromised, the next ISP that tells me "we'll have someone call you about that tomorrow is going to get listed on nanog, and CC'd to an ISP hall of shame somewhere of my own making.  Please, please impart clue on your abuse department.  Allowing hosts in your domain to participate in DoS attacks is WRONG.

-- 

Andrew D Kirch  |	    trelane at 2mbit.com            | 
Security Admin  |  Summit Open Source Development Group  | www.sosdg.org