Novice sysadmins

Wed Dec 6 17:16:35 UTC 2017

The day the secret service and the FBI showed up asking me for a network
audit due to suspicious traffic I realized that I need to take abuse@
seriously.

"I'm only the network administrator" didn't go over well.

I've always been more than willing to share knowledge and skill training
with those who show interest and talent; the more qualified and interested
people involved, the better, in my opinion. Making the club "exclusive" by
requiring thousands of dollars of training and testing is just another
method of control and elitism.

On Wed, Dec 6, 2017 at 9:38 AM, Filip Hruska <fhr at fhrnet.eu> wrote:

> I disagree that nobody cares about abuse.
>
> I actually received an abuse report from SES as someone thought it would
> be funny to flag my previous email I sent to this discussion as spam.
> https://i.imgur.com/RgQa2fN.png
>
>
> --
> Filip Hruska
> Linux System Administrator
>
> Dne 12/6/17 v 11:52 Rich Kulawiec napsal(a):
>
> On Tue, Dec 05, 2017 at 09:54:21AM -0700, Grant Taylor via NANOG wrote:
>>
>>> The vast majority of what I've experienced in the last ~20 years has been
>>> people willing to help others who are trying to help themselves.
>>>
>> "Help will always be given at Hogwarts to those who ask for it."
>>
>> If you are trying, make an honest mistake, and are willing to correct it
>>> when others politely let you know, you will quite likely find people
>>> willing
>>> to help you.  Especially if you return the favor in kind.
>>>
>> Yes.  That's how we all get better at this.  And when any of us learn,
>> we all benefit, so it's in our mutual best interest to share knowledge.
>> (I've learned more here than I can measure.  And I'm grateful for it.)
>>
>> If you are being a hooligan and not responding to problems reported to you
>>> or purposefully ~> wantonly doing things to others ... good luck.
>>>
>> And the latter is the problem: we are faced, unfortunately, with massive
>> operations that were designed, built, and deployed without the slightest
>> consideration for responsible behavior toward the rest of the Internet.
>> All the rest of us are paying the price for that arrogance, incompetence
>> and negligence: we're paying for it with DoS/DDoS defenses, with spam
>> and phish defenses, with brute-force attack defenses, with time and
>> money and computing resources,  with complexity, with late nights and
>> early mornings, with annoyed customers, and -- on the occasions when those
>> defenses fail -- devastating consequences for organizations and people.
>>
>> These costs aren't always obvious because they're not highlighted line
>> items in an accounting statement.  But they're real, and they're huge.
>>
>> How huge?  Well, one measure could be found in the observation that
>> there's now an entire -- large and growing -- market segment that
>> exists solely to mitigate the fallout from these operations.
>>
>> And those same massive operations are doing everything they possibly
>> can to avoid hearing about any of this.  That's why abuse@ is effectively
>> hardwired to /dev/null.  And I note with interest that nobody from AWS
>> has had the professionalism to show up in this thread and say "Gosh, we're
>> sorry.  We screwed up.  We'll try to do better.  Can you help us?"
>>
>> Because we would.
>>
>> ---rsk
>>
>>
>

-- 
Nate Metheny
natemetheny at gmail.com