On Tue, May 10, 2011 at 10:15 AM, Scott Brim <scott.b...@gmail.com> wrote: > On Tue, May 10, 2011 at 09:42, Leigh Porter > <leigh.por...@ukbroadband.com> wrote: >> So are they basing this on you downloading it or on making it available for >> others? > > Without knowing the details, I wouldn't assume any such level of > competence or integrity. It could just be a broad witch hunt.
I know of a decent sized global ISP that ran (runs?) a large darknet that was the equivalent of a few /16's routed to a fbsd host running 'tcpdump' (a tad more complex, but essentially this). BayTSP (one of the 'make legal threats for the mpaa/riaa' firms) sent ~2k notes to the ISP about downloaders on these ips. Looking at netflow data (sample 1:1 on that interface) they had portscanned (from ip space registered in their name) each address in the range and sent subpoena-material to all ips that they thought they got a response from. At least baytsp got theirs? (money I mean)
