Re: Dutch ISPs to collaborate and take responsibility for bottedclients

["Wayne E. Bouchard" <web () typo org>]

On Mon, Oct 05, 2009 at 03:55:02PM -0700, Owen DeLong wrote:
> On Oct 5, 2009, at 11:23 AM, Barry Shein wrote:
>
> > Perhaps someone has said this but a potential implementation problem
> > in the US are anti-trust regulations. Sure, they may come around to
> > seeing it your way since the intent is so good but then again "we all
> > decided to get together and blacklist customers who..." is not a great
> > elevator pitch to an attorney-general no matter how good the intent.
> That's not what is being discussed from my understanding.
>
> From my understanding, the intent is to share names of known
> abusers and data necessary to help in tracking DDOS.
>
> I don't believe that any ISP is expected to necessarily take any
> particular action determined by the group with respect to the
> list of names they are given.
>
> I do think that it is reasonable to have an agreement among
> an industry organization or collaboration which states that
> ISPs which determine that abuse is being sourced from one of
> their customers (either through their own processes or by
> notification from another participant) should be expected to
> take the necessary steps to mitigate that abuse from exiting
> said ISPs autonomous system.

In a way, this is kind of like stores keeping a list of bad check
writers. The whole information sharing thing can get more than a
little touchy from a legal perspective.

Then again, an independant database could also be viewed as a sort of
internet credit agency. Stuff in a name, get a score back and certain
flags and make your judgement based on that.

  "I'm sorry, I can't give you an email account. Your internet-karma
  rating came back below our minimum levels."

-Wayne

---
Wayne Bouchard
web () typo org
Network Dude
http://www.typo.org/~web/