Spyware becomes increasingly malicious

Daniel Golding dgolding at burtongroup.com
Mon Jul 12 17:34:57 UTC 2004


On 7/12/04 12:33 PM, "Michel Py" <michel at arneill-py.sacramento.ca.us> wrote:

> 
>> Paul Vixie wrote:
>> or, to put it in terms you can all understand:
>> "why does that provider's upstream still have bgp peers?"
> 
> Maybe said upstream does not want to deal with TROs and legal issues?
> CWS is not illegal as of today.


CWS isn't illegal. On the other hand, there is no legal exposure from
depeering providers who take on these customers. TRO's and such would only
come into effect if the provider's peers failed to observe the contractually
obligated notice period (30-60 days, normally).

Some peering contracts specify that behaviors that endanger a network or its
users allow for immediate disconnection. Its a bit of a stretch to invoke
this for a spyware site.

Depeering has been threatened as an anti-spam measure - it is reasonable
effective. This hasn't been extended to spyware, as it doesn't get the same
level of press. 

If you contact a provider who is hosting malware, and they refuse to remove
it or disconnect the hoster, you could always try contacting their peers and
cc:ing the offending provider. End-user networks (DSL, Cable, dial-up), are
particularly sensitive to software that might harm their users.

> 
>> if you give people the means to hurt you, and they do it,
>> and you take no action except to continue giving them the
>> means to hurt you, and they take no action except to keep
>> hurting you, then one of the ways you can describe the
>> situation is "it isn't scaling well."
> 
> Could not agree more.
> 
> Michel.
> 

-- 
Daniel Golding
Network and Telecommunications Strategies
Burton Group





More information about the NANOG mailing list