nanog mailing list archives
RE: Another DNS blacklist is taken down
From: Mark Segal <MSegal () Corporate FCIBroadband com>
Date: Wed, 24 Sep 2003 14:18:33 -0400
I think some RBLs might get better responses from the ISPs when they stop taking "collateral damage gets the abuse department's attention" attitudes.. Some RBLs cause many providers a LOT of headaches, so it is not surprising that when it is their turn to complain, the ISPs will just say: post to abuse.ddos.isp.net and we might get around to fixing it. :). Regards, Mark -- Mark Segal Director, Network Planning FCI Broadband Tel: 905-284-4070 Fax: 416-987-4701 http://www.fcibroadband.com Futureway Communications Inc. is now FCI Broadband -----Original Message----- From: Justin Shore [mailto:listuser () numbnuts net] Sent: September 24, 2003 12:29 PM To: nanog () merit edu Subject: Another DNS blacklist is taken down I thought ya'll might be interested to hear that yet another DNS blacklist has been taken down out of fear of the DDoS attacks that took down Osirusoft, Monkeys.com, and the OpenRBL. Blackholes.compu.net suffered a joe-job earlier this week. Apparently the joe-jobbing was enough to convince some extremely ignorant mail admins that Compu.net is spamming and blocked mail from compu.net. Compu.net has also seen the effects of DDoS attacks on other DNS blacklist maintainers. They've decided that the risk to their actual business is too great and they are pulling the plug on their DNS blacklist before they come under the gun by spammers. http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=3f70e839%24 1%40dimaggio.newszilla.com Ron Guilmette, maintainer of the Monkeys.com blacklists has posted a farewell from Monkeys.com to news.admin.net-abuse.email. Ron cites the total lack of interest in the attacks by both big network providers and law enforcement authorities as the ultimate reason he's pulling the plug. http://groups.google.com/groups?q=%22Now+retired+from+spam+fighting%22&hl=en &lr=&ie=UTF-8&oe=UTF-8&selm=vn1lufn8h6r38%40corp.supernews.com&rnum=4 It's truely a sad day for spam fighters everywhere. So, my question for NANOG is how does one go about attracting the attention of law enforcement when your network is under attack? How does the target of such an attack get a large network provider who's customers are part of the attack to pay attention? Is media attention the only way to pressure a response from either group? These DDoS attacks have received some attention in mainstream media: http://www.msnbc.com/news/959094.asp?0cv=TB10 http://www.boston.com/news/nation/articles/2003/08/28/saboteurs_hit_spams_bl ockers Apparently it hasn't been enough. Legal remedies take too long and are cost prohibitive (unless you're the DoJ). Subpoenas and civil lawsuits take months if not years. Relief is needed in days if not hours. Justin
Current thread:
- RE: Another DNS blacklist is taken down, (continued)
- RE: Another DNS blacklist is taken down Joel Perez (Sep 24)
- RE: Another DNS blacklist is taken down Justin Shore (Sep 24)
- RE: Another DNS blacklist is taken down Mike Batchelor (Sep 29)
- Re: Another DNS blacklist is taken down Jared Mauch (Sep 29)
- Re: Another DNS blacklist is taken down Dan Armstrong (Sep 29)
- Re: Another DNS blacklist is taken down Jared Mauch (Sep 29)
- Re: Another DNS blacklist is taken down Mike Tancsa (Sep 29)
- Re: Another DNS blacklist is taken down Dan Armstrong (Sep 29)
- Re: Another DNS blacklist is taken down Jared Mauch (Sep 29)
- Re: Another DNS blacklist is taken down Steve Linford (Sep 29)
- RE: Another DNS blacklist is taken down Justin Shore (Sep 24)
- RE: Another DNS blacklist is taken down Joel Perez (Sep 24)
- RE: Another DNS blacklist is taken down Justin Shore (Sep 24)
- Re: Another DNS blacklist is taken down Leo Bicknell (Sep 24)
- Re: Another DNS blacklist is taken down Jack Bates (Sep 24)
- Re: Another DNS blacklist is taken down Chris Lewis (Sep 24)