nanog mailing list archives
Re: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd)
From: John Bambenek <bambenek () gmail com>
Date: Thu, 13 Nov 2008 06:30:39 -0600
Something to keep in mind. I don't believe it was McColo that was the end provider of "badware" per se (and I could be proven wrong), they simply played the enabling role by hosting it and looked the other way. Now don't get me wrong, they ought to be kicked offline for externalizing their costs on the rest of us, but what criminal charges could be filed here? I'm not a lawyer but the person actually committing the crime and a person who willing provides tools to someone committing a crime are in completely different boats.
We could criminalize hosting malicious tools, but then what of nessus, nmap, wireshark and the host of security tools that are effectively "dual use"? Child porn being an obvious exception of course, but the point remains. Negligence is bad and perhaps there are criminal remedies that can be brought to bear (I'm not a lawyer, I don't play one on the intarwebs) but I would imagine they would be minor in comparison.
That said, of course this information should be turned over to law enforcement. It often is.
j Charles Wyble wrote:
On to the question about how network operators can help LE: *Collect the data that proves a company such as Intercage/McColo is harboring cybercriminals* and get with your local FBI/Secret Service field office (or your state's Attorney General's office) (or both) and submit a complaint at IC3's website (www.ic3.gov) because we have an excellent team of analysts that track information like that. Package up the evidence you have and send it out.Excellent point. Something like the fine folks at http://hostexploit.com/ are doing.I also believe SANS has some excellent courses on forensics, and things like chain of custody etc. Not sure how much that applies to these sort of scenarios but it can't hurt to package/handle the evidence in as compliant a manner as possible.
Current thread:
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd), (continued)
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd) mike (Nov 11)
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd) Brian Keefer (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd) Kee Hinckley (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd) Paul Ferguson (Nov 12)
- RE: [funsec] McColo: Major Source of Online Scams and Spams KnockedOffline (fwd) Nick Newman (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams and Spams KnockedOffline (fwd) Jason Ross (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams and Spams KnockedOffline (fwd) Jeff Shultz (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams and Spams KnockedOffline (fwd) Steven Fischer (Nov 12)
- RE: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd) Nick Newman (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd) Charles Wyble (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd) John Bambenek (Nov 13)
- Re: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd) Chris Lewis (Nov 13)
- Re: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd) Matthew Black (Nov 14)
- RE: [funsec] McColo: Major Source of Online Scams andSpamsKnockedOffline (fwd) Dave Larter (Nov 14)
- RE: [funsec] McColo: Major Source of Online Scams andSpamsKnockedOffline (fwd) Gadi Evron (Nov 14)
- RE: [funsec] McColo: Major Source of Online Scams andSpamsKnockedOffline (fwd) Dave Larter (Nov 14)
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd) Paul Ferguson (Nov 12)
- Re: [funsec] McColo: Major Source of Online Scams and Spams Knocked Offline (fwd) mike (Nov 11)
- RE: [funsec] McColo: Major Source of OnlineScams andSpams KnockedOffline (fwd) Nick Newman (Nov 13)
- Re: [funsec] McColo: Major Source of Online Scams andSpams KnockedOffline (fwd) Simon Waters (Nov 13)
- Re: [funsec] McColo: Major Source of Online Scams and Spams KnockedOffline (fwd) Jay Hennigan (Nov 12)
- RE: [funsec] McColo: Major Source of Online Scams and Spams KnockedOffline (fwd) Frank Bulk (Nov 14)