From: Bradley Dunn <firstname.lastname@example.org>
Recently one of their customers decided the incoming directory on our FTP
server would be a good place to start a warez site. We mailed email@example.com
and firstname.lastname@example.org. Our mail included the src IP address and the times that
the uploading of the warez occurred. They were fairly quick to respond
with UUNet's policy on these matters. Basically they will only take
action when told to do so by a law-enforcement agency.
Well, common practice is to have your incoming directory writable but not
readable, but, barring that lapse, once you discovered what was going on
it was _your_ responsibility to inform the proper authorities with the
information you had. Quite a few ISPs have an AUP that states a members
account will be yanked upon reasonable proof of illegal or net.unfriendly
It is, however, a sticky situation trying to make ISPs net.cops. After
weighing the pros and cons, I have to give more weight to the "common
carrier" argument. It is _your_ responsibility to protect yourself. Most
of us here are more than willing to help you do that, and your time is
better spent getting your system setup properly than trying to get another
ISP to police their users. If people didn't make it so damn easy to abuse
their systems, there'd be a lot less abuse.
I think if you are getting attacked from a specific IP or block of IPs,
you have every right to filter those packets. I question the prudence of
a 'blacklist', though.
I think you have a right to filter any packets you want, for any ol' reason
whatsoever, into _your_ LAN. Just don't presume that any downstream
systems may also want to use whatever filtering "algorithm" you come up with.
Along the same lines, a blacklist from people or groups I trust (Bush, Vixie,
NANOG in general) saves me time.
From: Wayne Bouchard <email@example.com>
where it might be housed so... It would be nice if some group (Hey,
wait a minute.. we're something of a group..) could come up with an
"Acceptable Use Policy" that people could subscribe to or use as a
base for building their own policy. Keeping a list of people who have
This is starting to sound familiar...oh yeah, about ten years
ago...FidoNet Policy formulation...I'm in favor of anything that's no
longer than and embodies the same spirit as the following:
1.) Thou shalt not be excessively annoying.
2.) Thou shalt not be too easily annoyed.
I s'pose we can drop "Thou shalt honor ZoneMailHour"
From: Paul A Vixie <firstname.lastname@example.org>
we do when our network is congested is: delay it. What we do when we see
a large amount of junk in a mail queue that appears to be the result of
some automated process gone wild is (listen carefully) expunge it with no
notice to anybody.
So how about a creating a "white"list?
and a reply
From: "Robert A. Pickering Jr." <email@example.com>
This is a much better approach. Reward those who operate responsibly and
in a sense of cooperation. I'd certainly be willing to help on a draft
of such a charter.
Yeah, it sounds nice, positive, all feely-good and all that, but think for
a nanosecond or so.
What you'll end up with is a list of about 95-98% of all ISPs, and while
the folks at _Boardwatch_ and other compilers of 'net lists will greatly
appreciate your efforts, it's not gonna do those searching for a reputable
ISP a whole lotta good.
From: Barry Shein <firstname.lastname@example.org>
[in regard to dealing with spammers, crackers, and other net.miscreants]
Too often when an issue like this is discussed we are all mesmerized
by an image of getting a real bad guy.
No, if he's just a plain old jerk, that's ok too ...but...
I'd say around half of the complaints I see range from "there's
nothing wrong with that behavior, what's your point?", to "there's
To true, to true.
One gets the feeling that at our current level
of sophistication in internet governance no matter what the infraction
we'd either ignore it or crush the person's car, mostly depending on
which action was more convenient at the moment.
and your point is?...
From: email@example.com (Randy Bush)
Indeed. We don't neen no steenkin' legal system, we can just hang 'em
Works for me.
Maybe this whole thread could be moved to inet-excess or somewhere?
Actually, I'd like to take it somewhere, and to anyone who's traversed
this far into this spew--is there a half-way intelligent discourse going
on somewhere that goes into the more social/political aspects of network
operation? I realize any such forum is gonna be about 50% flame fest, but
as long as there are a few competent tech people to balance out the wild-
eyed idealists, liberals, and the other generally clueless, it shouldn't
be too bad.
_dave_(seemingly obligatory and definitely bandwidth wasting .sig)