Jared Mauch writes:
gcc sources aren't as bloated as emacs sources.
What you need to do is find a way to send the mimed sources to
someones text pager. Either that, or uuencoded to their pager. Then
build a compiler on the pager and put emacs on it.- Jared
So, as a "responsible" ISP, you advocate denial of service attacks?
You are either incredibly naive or intensely stupid to advocate
that position. Is that how you want people to deal with you when
your customers violate your AUP? I really want to hear your
justification for mail bombing ... maybe you have one for SYN attacks
too?
Frankly, there is NO valid reason for ANYONE to retaliate in this
manner. As an ISP, if you have a customer that spams someone, you
get flooded with hate mail -- this mail continues long after you
have wiped the abuser out of your system. But in the event someone
decides to mail the source to Linux 1000 times to your server,
copying abuse, root, postmaster, and support, they kill off your
entire site, denying thousands of innocent users Internet access.
The number of hours I have wasted over the past four years chasing
down hackers and mail bombers has been a real pain. I have ZERO
tolerance for this behavior.
If someone mail bombs my site, I will do everything in my power to
track them down and have them put in jail. Mail bombers are criminals.
If you are mail bombed and have the mail logs, here is a good place
to start in your efforts to prosecute the bastards: The FBI Computer
Crime Squad in Washington, DC -- 202-324-9164 -- ask for Rich Ress.
If the mail bombing is continuous, you can get a court order to
have the FBI seize their equipment in a few hours. You may want to
to to the federal prosecutor in your jurisdiction too.
If you provide access to military bases, you are in an even better
position to nail these folks. And be sure to file civil suit against
them too. If they respond to the suit, you can get them to spend
thousands of dollars in their civil defense (not to mention their
criminal defense). If they don't respond, you can file liens on
everything they own. I also find it useful to dispatch a press
release in the home town of the hackers, identifying them and the
details of the crime and its investigation. Call the TV stations
in their area too -- the local news loves to report on high-tech
crime.
In the event the hackers are international, you can filter their
IP addresses and notify their upstream providers that the filters
will remain in effect until they can provide assuarance that the
threat has been eliminated.
As a community, we need to slam hackers as hard as we possibly
can. As individual companies, we have very little to fight them
outside of the means listed above. But collectively, we could
black list rogue sites using IP filtering. I think that hackers
would consider things twice if they knew they were about to lose
connectivity to half the world because of their actions. I am
interested in what the other folks think about this too. The
time for complacency on this issue is over.
Dave Stoddard
US Net Incorporated
301-572-5926
dgs@us.net