Sent from my iPad
On Jun 8, 2010, at 3:30 PM, Brielle Bruns <br...@2mbit.com> wrote:

> On 6/8/10 2:12 PM, Dave Rand wrote:
>
>> It's really way, way past time for us to actually deal with compromised
>> computers on our networks. Abuse desks need to have the power to filter
>> customers immediately on notification of activity. We need to have tools to
>> help us identify compromised customers. We need to have policies that
>> actually work to help notify the customers when they are compromised.
>>
>> None of this needs to be done for free. There needs to be a "security
>> fee" charged _all_ customers, which would fund the abuse desk.
>>
>> With more than 100,000,000 compromised computers out there, it's really
>> time for us to step up to the plate, and make this happen.
>
>
> Problem is, there's no financial penalties for providers who ignore abuse
> coming from their network.
>

Problem is there's no financial liability for producing massively exploitable software. No financial penalty for operating a compromised system. No penalty for ignoring abuse complaints. Etc. Imagine how fast things would change in Redmond if Micr0$0ft had to pay the cleanup costs for each and every infected system and any damage said infected system did prior to the owner/operator becoming aware of the infection.

> DNSbl lists work only because after a while, providers can't ignore their
> customer complaints and exodus when they dig deep into the bottom line.
>
> We've got several large scale IP blocks in place in the AHBL due to this
> exact problem - providers know there's abuse going on, they won't terminate
> the customers or deal with it, because they are more than happy to take money.
>
> Legit customers get caught in the cross-fire, and they suffer - but at the
> same time, those legit customers are the only ones that will be able to force
> a change on said provider.
>
> They contact us, and act all innocent, and tell people we're being
> unreasonable, neglecting to tell people at the same time that the
> 'unreasonable' DNSbl maintainer only wants for them to do a simple task that
> thousands of other providers and administrators have done before.
>
> --
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org / http://www.ahbl.org