Even you can be hacked

Fri Jun 11 21:52:05 UTC 2004


> This thread is quite amusing and interesting at the same time. If I read
> the original post right, Mr. Mike Bierstock was informed that he was
> generating an unusual amount of traffic, traffic he would have to
> pay for.
> He got the bill and had to deal with the consequences. What is wrong with
> that? Does it matter how this traffic was generated?

	Well, it depends upon the contract between the customer and the ISP. It
matters if the traffic was actually delivered. For example, if the traffic
was attack traffic that hit the ISP's filter, is it fair to charge the
customer for the traffic because it came over their line? If the ISP had an
obligation to stop attack traffic from their customers from getting onto the
Internet, yes, it matters if the costs are due to the ISP failing in that
obligation.

	As I understood this example, this was traffic that the ISP knew was
generated by a worm. The ISP had an obligation to stop this traffic with
filters or customer disconnection. They may or may not have complied with
their obligation. Either way, it's hard to see why the customer should pay
for traffic the ISP did not or should not have delivered.

	The customer could justifiably be billed for the extra costs he imposed
upon his ISP in dealing with his attack traffic, but not for the traffic
itself once it was identified. As I said, at the point the ISP should not
have delivered it. Doing so creates more victims, and the ISP has a greated
responsibility than the customer because they have greater knowledge and
control.

	It doesn't matter much what the contract says if the ISP wrote it and the
customer didn't understand it.

	Ask yourself a single yes or no question -- does an ISP have a
responsibility to stop worm traffic generated by their customers from
getting onto the Internet once they have identified it? And is so, does it
matter whether or not the customer cooperates?

	DS