Another DNS blacklist is taken down
Mark Segal
MSegal at Corporate.FCIBroadband.com
Wed Sep 24 18:18:33 UTC 2003
I think some RBLs might get better responses from the ISPs when they stop
taking "collateral damage gets the abuse department's attention" attitudes..
Some RBLs cause many providers a LOT of headaches, so it is not surprising
that when it is their turn to complain, the ISPs will just say: post to
abuse.ddos.isp.net and we might get around to fixing it. :).
Regards,
Mark
--
Mark Segal
Director, Network Planning
FCI Broadband
Tel: 905-284-4070
Fax: 416-987-4701
http://www.fcibroadband.com
Futureway Communications Inc. is now FCI Broadband
-----Original Message-----
From: Justin Shore [mailto:listuser at numbnuts.net]
Sent: September 24, 2003 12:29 PM
To: nanog at merit.edu
Subject: Another DNS blacklist is taken down
I thought ya'll might be interested to hear that yet another DNS blacklist
has been taken down out of fear of the DDoS attacks that took down
Osirusoft, Monkeys.com, and the OpenRBL. Blackholes.compu.net suffered a
joe-job earlier this week. Apparently the joe-jobbing was enough to
convince some extremely ignorant mail admins that Compu.net is spamming and
blocked mail from compu.net. Compu.net has also seen the effects of DDoS
attacks on other DNS blacklist maintainers. They've decided that the risk
to their actual business is too great and they are pulling the plug on their
DNS blacklist before they come under the gun by spammers.
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=3f70e839%24
1%40dimaggio.newszilla.com
Ron Guilmette, maintainer of the Monkeys.com blacklists has posted a
farewell from Monkeys.com to news.admin.net-abuse.email. Ron cites the
total lack of interest in the attacks by both big network providers and
law enforcement authorities as the ultimate reason he's pulling the plug.
http://groups.google.com/groups?q=%22Now+retired+from+spam+fighting%22&hl=en
&lr=&ie=UTF-8&oe=UTF-8&selm=vn1lufn8h6r38%40corp.supernews.com&rnum=4
It's truely a sad day for spam fighters everywhere.
So, my question for NANOG is how does one go about attracting the
attention of law enforcement when your network is under attack? How does
the target of such an attack get a large network provider who's customers
are part of the attack to pay attention? Is media attention the only way
to pressure a response from either group? These DDoS attacks have
received some attention in mainstream media:
http://www.msnbc.com/news/959094.asp?0cv=TB10
http://www.boston.com/news/nation/articles/2003/08/28/saboteurs_hit_spams_bl
ockers
Apparently it hasn't been enough. Legal remedies take too long and are cost
prohibitive (unless you're the DoJ). Subpoenas and civil lawsuits take
months if not years. Relief is needed in days if not hours.
Justin
More information about the NANOG
mailing list