(Brief extract: "One needs only to enforce existing contracts and management
charters (e.g. ICANN's) and to apply the basic principles of civilization
to the Internet. No one would fly an airline run like today's Internet.
Why should we tolerate such misoperation of an ever more critical resource
in modern life? Spam is not inevitable. It is the predictable consequence
of management decisions to use the Environmental Polluter business model
. . . .)
It's not a technical problem and there are NO technical solutions. The
only one that works is what is used in every other type of human
activity.
I am curious as to why open proxies, compromised hosts, trojans and
routing games are not considered operational issues simply because
the vehicle being discussed is spam.
With all due respect, we have a *problem*. End user machines on
broadband connections are being misconfigured and/or compromised in
frightening numbers. These machines are being used for everything
from IRC flooder to spam engines, to DNS servers to massive DDoS
infrastructure. If the ability of a teenager to launch a gb/s DDoS,
or of someone DoSing mailservers off the internet with a trojan that
contains a spam engine is not operational, perhaps it's just me
that's confused.
Two-three years ago the warnings were ignored because it was only
IRC. Now it's only spam. What does it take to make the Network
Operators and NANOG decide that things that are a "very bad thing" on
one protocol generally can bite you later on another if you ignore it
because it's only <insert your least favorite program or protocol
>?
I believe that to be one of the most succinct summaries of the issues
as I have read.
Not only that, but it's arguable that the problem is now significantly
worse.
Now IRC networks are *still* under attack, AND spam is a problem.
And reading from the wired article, hard-to-trace, possibly very illegal
websites are in the mix also.
What next, national security compromised because someone created a
massive P2P system with all these trojaned systems, and uploaded the
list of names of CIA operatives? Nice.
It's not inconceivable.
Personally I'm in favour of specific port filtering, and charging a
(small) premium ($10 a month?) for being able to run servers on residential
broadband connections.
Aunt Maggie in Florida doesn't NEED to run a server of any kind, and it
would probably make my life easier trying to solve problems for her.
Susan did not say it wasn't an operational issue. She said there are
other lists which focus on that issue.
There are many subjects of interest to operators which occasionally
flare up on NANOG, but then move to other lists. BIND issues concern
network operations, but a namedroppers list exists for the topic.
Peering is of operational interest, but the model-peer mailing list
exists for the topic. Network time synchronization is of interest to
operators but then the ntp newsgroup exists for the topic. Network
security is of interest to operators, but then nsp security mailing
lists exist for the topic. Address hijacking is of interest to
operators, but then the hijack mailing list exists for the topic.
Not every operators' forum must discuss spam. There is a reason why
more than one mailing list or forum on different topics exist on the
Internet.
I now return you to your meta-discussion whether the topic is on topic
for a particular forum. If you believe in zero tolerance, should the
forum moderator report us to our ISPs for network abuse and terminate
our Internet connection for discussing something the forum moderators
consider off topic?
Susan did not say it wasn't an operational issue. She said there are
other lists which focus on that issue.
Agreed.
There are many subjects of interest to operators which occasionally
flare up on NANOG, but then move to other lists. BIND issues concern
network operations, but a namedroppers list exists for the topic.
Peering is of operational interest, but the model-peer mailing list
exists for the topic. Network time synchronization is of interest to
operators but then the ntp newsgroup exists for the topic. Network
security is of interest to operators, but then nsp security mailing
lists exist for the topic. Address hijacking is of interest to
operators, but then the hijack mailing list exists for the topic.
So if there's a more specific list for every operational issue, should we
just shift discussion off to those lists? Should NANOG exist simply as a
live resource for 'What mailing list should I consult for ...'?
With all due respect, we have a *problem*. End user machines on
broadband connections are being misconfigured and/or compromised in
frightening numbers. These machines are being used for everything
from IRC flooder to spam engines, to DNS servers to massive DDoS
infrastructure. If the ability of a teenager to launch a gb/s DDoS,
or of someone DoSing mailservers off the internet with a trojan that
contains a spam engine is not operational, perhaps it's just me
that's confused.
I believe that to be one of the most succinct summaries of the issues
as I have read.
I concur whole-heartedly. Add on the background noise of still unpatched Code Red, Nimda, SQL Slammer, Blaster, and the scanning for open servers (ftp, smtp, proxy, squid, socks, wingate, etc) and we are talking about a considerable amount of [malicious] bandwidth waste.
Adding further to that we have ridiculous quantities of ICMP spewing from Nachi/Welchia infections.
The average household broadband connections are indeed being compromised, but our "threshold of pain" seems to be exponentially growing as the background noise gets louder and louder, and unusual spikes get drowned out by P2P. It takes a major catastrophe like Slammer or Blaster to get anyone's attention anymore (above the abuse reports from IWFs (Idiots With [personal] Firewalls)).
Personally I'm in favour of specific port filtering, and charging a
(small) premium ($10 a month?) for being able to run servers on residential
broadband connections.
So you are happy to pay a $10 premium for your VoIP phone if it allows inbound
calls?