Security Incidents mailing list archives
RE: Nimda et.al. versus ISP responsibility
From: "Michael B. Morell" <MMorell () vdat com>
Date: Thu, 27 Sep 2001 14:27:24 -0400
Here is my take..... And No I do not work for an ISP.

The net has a very beautiful feature to it, decentralization. This allows users on the net to have vast freedoms without being policed with lots of restrictions. This freedom places the burden of responsibility solely on the user. This can be bad or good depending on which way you look at it. This gives individuals the freedom to choose what is best for their systems/networks. If I choose not to patch my system, then that is my choice. This is also bad because it allows for irresponsible users to be on the net. I for one, enjoy this freedom. But I also act responsibly by making sure my network is properly safeguarded against such attacks. And if I find a host on my network that is acting offensively, it is shut down.

Now, the question posed is, Should the ISP's be responsible for policing hosts on their networks. The answer is clearly No. This goes against everything the net stands for. Now if I as an admin start seeing external threats from another network. I will first send an e-mail to that admin informing him/her of the activity. If they refuse to do anything about it or to reply back and I still see activity. I will either block that host or subnet if necessary. This will be my choice. Not someone else's. But to ask an ISP to make that choice for us is not the answer. Neither is asking our government to police the net. It is just wrong in so many different ways. Not to mention the potential legal battles between ISP's and their customers.

While it is tempting to have ISP's or the Gov police us in order to reduce the attacks. The attacks will always be there and there will always be irresponsible people out there. You can choose to be one or not. You also have the choice to block them. In the end it's all about having the right to choose. Don't let anyone take that right away.

Michael B. Morell, MCP+I MCSE
Network Operations Administrator
Visual Data Corporation

-----Original Message-----
From: Luc Pardon [mailto:lucp () skopos be]
Sent: Thursday, September 27, 2001 12:50 PM
To: incidents () securityfocus com
Subject: Nimda et.al. versus ISP responsibility

I'd like the opinion of the list on the attitude of ISP's versus worms. It is clear that we're going to see more of this.

I think we all agree that connecting an unpatched IIS machine to the open Internet is acting irresponsibly. Most AUP's already prohibit spamming, port scanning etc. (at least on paper). Why not include "infection through negligence" as a reason for suspension? Maybe with a reasonable grace period the first time.

Problem is that one ISP can't go it alone. If they pull the plug, they may lose the customer to a less responsible competitor.

Unlike spammers, most worm victims are "offending" out of ignorance. Such a provision in the AUP would likely get their attention and maybe cause a mind shift towards "Unpatched Is Bad (tm)".

What do you all think ?

Luc Pardon
Skopos Consulting
Belgium

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com