Not the A, the PTR... But yes, that could be a nasty retaliation by
spammers with control of their DNS. I would hope, however, that the
"screen saver's" target would be an IP address instead of a FQ mnemonic
From the article, I understand that Lycos will be manually watching the
list of targets and pushing updates to the users. Although I have
traditionally been in favor of low bandwidth "fixes", this kind of
appeals to my sense of poetic justice.
spammer buys hosting account, pays with fraudulent credit card, spams,
provider gets ddos'ed and ends up paying for all the bandwidth because you
can't well charge some unsuspecting grandma in alabama for it. i don't like
this kind of justice.
I agree and I'm surprised you even mentioned the wordt justice...since when is retaliating bad practices with more bad practises that are hardly likely to take out the real target considered a good idea..?
Paul G wrote:
'justice' was mentioned in the message i quoted. it appears i was not
remiss - i got an email from a guy running a small town isp telling me,
1. if i get hit with cc fraud, it is my own darn fault for not asking every
single $9.99/mo customer to fax me their retina scan.
2. incurring a humongous bandwidth bill instead of being out said $9.99 is
adequate punishment for my 'stupidity'
3. he likes the kind of justice where a provider gets harmed instead of the
abusive customer, because Good ISPs Recognize Bad Guys On Sight.
i've got news for you:
1. when you run a sufficiently large operation, credit card fraud is
approached as a risk mitigation excercise - you find a golden middle in
terms of verification which is cost-effective, ie reduces the incidence of
fraud to an acceptable level while not costing an arm and a leg in terms of
labour costs and encumbrance to the very large majority of legitimate
customers placing an order. the problem with getting ddosed is that this
cost-effectiveness calculation goes out the window because your risk is no
longer a measure of the price a customer is paying for the service, but
rather a measure of how much traffic lycos' botnet can direct at you. for
you, it may be bounded by the single t1 termed in your basement, while for
me it may be bounded by a gig-e feed i get from my upstream.
2. cc fraud was just an example, and probably a bad example at that, since
you can come up with a holier than thou argument against the example rather
than the practice of shoving traffic my way that neither i nor my clients
asked for. let's try again.
customer pays for a dedicated server with a valid credit card. we charge
them the monthly fee and keep the credit card on file. customer proceeds to
spam, or better yet installs an insecure formmail script, or his box gets
owned. he gets ddosed by lycos, racks up large overage bill and gets
terminated by us for breach of AUP. we notify the customer and try to bill
him for the overage charges. lo and behold, customer put a Do Not Honor
request on transactions initiated by us. we're stuck with the bw bill.
alternatively, customer charges back and their issuing bank is braindead and
we lose the chargeback. or customer was paying by check. whatever. see the
point? while we may be willing to risk the monthly charge because we won't
ask customers paying by check for a large security deposit, we aren't
willing to risk an arbitrarily high bw bill from folks who think they're
doing the 'net a favour by ddosing For Our Own Good.
"consumption" is equivalent to "denial", the only difference being in the
reason the service will no longer be available - administrative (ie
financial) and technical respectively. while we all would like to see
spam-related services not being available, there exist means to that end
that are not acceptable, such as hunting spammers with shotguns or ddosing
their (in many cases unknowing) providers.