Spyware becomes increasingly malicious

David Schwartz davids at webmaster.com
Mon Jul 12 18:16:15 UTC 2004



> On 7/12/04 12:33 PM, "Michel Py"
> <michel at arneill-py.sacramento.ca.us> wrote:

> Some peering contracts specify that behaviors that endanger a
> network or its
> users allow for immediate disconnection. Its a bit of a stretch to invoke
> this for a spyware site.

	I think you could find a few experts that could argue that malware in
general, and CWS in specific, has no reached the point where it is entirely
reasonable to classify it as endangering the users of the network. Anyone
who has dealt with a variant of CWS for which a remover was not available
will tell you how much trouble it causes, rendering systems unusable until
you find the magic combination, reimage the system, or wait until someone
else figures out the variant. One wrong turn probing it can render a machine
unusable until it's reloaded.

	In the meantime, let's at least blackhole all their IPs on our networks.
One way to reduce malware is to reduce the benefits of creating and
distributing it. Another way is to find the people benefiting and stringing
them up in the town square.

	DS





More information about the NANOG mailing list