RE: BGP list of phishing sites?

Mailman List Mirror (Read Only)
1

I agree phishing bgp feed would disrupt the ip address
to all ISP's that listened to the bgp server involved.
I was addressing a specific issue with listening to such
a server and that is the loss of control issue. Sorry if that wasn't
clear.

So would ISP's block an phishing site if it was proven
to be a phishing site and reported by their customers?

Donald.Smith@qwest.com GCIA
pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC
Brian Kernighan jokingly named it the Uniplexed Information and
Computing System (UNICS) as a pun on MULTICS.

2

Would you block access to a kiddie porn site? Do you block access to "warez"
sites? Both are illegal. I'm not convinced that phishing is illegal in its own
right (except possible as "passing off").

Phishing sites only work because Banks won't invest in strong authentication,
and users are stupid. Why should it become the ISPs problem to fix those
inadequacies?

Some banks in Europe use one-time-password token things (such as SecurID). Are
those banks being caught out by phishing?

Simon