BGP list of phishing sites?
Iljitsch van Beijnum
iljitsch at muada.com
Mon Jun 28 22:24:29 UTC 2004
On 28-jun-04, at 18:47, Paul Vixie wrote:
> the root cause of network abuse is humans and human behaviour, not
> hardware or software or corporations or corporate behaviour. if most
> people weren't sheep-like, they would pay some attention to the results
> of their actions and inactions.
It's easy to blame the user, and usually they deserve it, even if
they're innocent this time they're guilty of something else. But if
software is created in such a way that regular users manage to screw up
consistently, maybe the software can be improved rather than the user
chastised?
> actions like buying something from a
> spammer or clicking the "unsubscribe me" button in spam mail,
The problem is that a few in a thousand that do this ruin things for
the rest. In anything involving humans it's useless to expect the right
thing to happen 100% of the time.
> or running microsoft outlook.
Can't argue with you there.
> inactions like leaving their cable/DSL pee cee up 24x7 and never
> wondering why the activity light on their modem flickers constantly.
:-) My cable modem activity light starts blinking as soon as there is
a link and never stops. A /20 can generate a significant amount of ARP
traffic during the best of times...
> if you want people to notice the results of their actions and
> inactions, then they have to be brought into the equation.
Ah, you are a BOFH follower. Unfortunately, rudeness rarely results in
enlightenment.
>> Still, anti-spam blacklists are pretty much universally applied inside
>> SMTP implementations these days. So if 3828747.dhcp.bigcable.com is
>> blacklisted because it sources spam, people subscribing to the
>> blacklist will no longer receive spam from that host, but the host is
>> still capable of interacting with the net in general and the blacklist
>> users in particular over a host of other protocols.
> i'm trying to figure out why you think it's in your best interest to
> limit the impact of your defensive activities, or to limit the impact
> of
> sheep-like behaviour on the sheep-like humans who own these infected
> hosts.
That's not what I'm worried about. If people do the wrong thing, by all
means let them suffer the consequences so they may think twice about
doing it again. What worries me is the potential for hurting innocent
bystanders, or even active subversion of these mechanisms. I mean, what
better way to DoS someone than have them put on a blacklist?
> i think "decide for themselves" is the right meme.
Good!
> but where we differ is on the questions of ownership and
> responsibility. every network has to take responsibility for the
> traffic is spews, and cannot just say "take it up with my customer"
> since they're getting paid to make the spew possible. and every
> network
> has to be able to say "this shall not pass!" concerning traffic that
> does not match their "AUP", and the only recourse their customers can
> have is to sign up with a different network.
I think the one true way is to be found somewhere between the extremes
of controlling every little thing a customer does and not doing
anything. But the real issue is that this is even necessary. The
biggest problem we have with IP is that it doesn't provide for a way
for a receiver to avoid having to receiving unwanted packets. It would
be extremely useful if we could fix that.
More information about the NANOG
mailing list