Dailydave mailing list archives
Re: ISP's regulating criminals
From: Paul Wouters <paul () xelerance com>
Date: Tue, 7 Dec 2004 21:43:47 +0100 (MET)
On Tue, 7 Dec 2004 robert () dyadsecurity com wrote:
], ISPs should be required to better detect when zombie computers [that enable spam and phishing attacks] are sitting on their networks. I know that ISPs are considered a "Publisher" under certain laws. It does not, however, mean that they have to be stupid and let their storage and bandwidth be used by criminals.
While I believe it is good for the ISP to do so on its own network, it is a bad idea to keep large centralised lists, that as you point out, are easilly manipulated with IP spoofing. But an ISP can be pretty sure nothing gets spoofed on its own network that it won't recognise. XS4ALL, the oldest Dutch ISP that came out of the hacking scene has a very good policy. When they detect a computer has gone zombie, usually by the amount of spam bounces and/or complains, they just block port 80 of that machine until its owner calls the helpdesk. It means that important things like email or ssh keeps working, just their browsing stops working. Once you have cleaned your system, Now what really worries me is the EU data retention plans that will be discussed on december 13th. 41 Dutch ISP's wrote a letter to our minister of justice (who deals with telecom security apparently) to say this was not very feasable, and his answer was that protesting is useless, because these are 'european matters, not national ones'..... I will leave it to the reader to calculate the amount of harddisks needed to comply to store all data for 6 months...... Over this matter, the of the big ISPs (again including XS4ALL) have left the Dutch branche organisation for ISPs. Paul _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- ISP's regulating criminals robert (Dec 07)
- Re: ISP's regulating criminals Paul Wouters (Dec 07)