nanog mailing list archives
RE: Monumentous task of making a list of all DDoS Zombies.
From: "Steve Birnbaum" <steve.birnbaum () sky-vision net>
Date: Tue, 10 Feb 2004 11:47:01 +0200
Your staff will still get a ton of complaints. If these can be parsed by a script that looks for virus / trojan strings in the complaint,extracts the IP (or has your NOC dude just click the IP in his ticketing system, like in RT + IRTT) and the account just goes away - then
fine. So you want a major ISP to simply automatically disable accounts of its users based only on automated detection of an IP address and timestamp in something that APPEARS to be a complaint to an automated script? Do you want to start a pool to see how long it will take before the dictionary complaints start rolling in once such a system becomes publicly known? There is a reason why there are humans (overworked, unfortunately) handling abuse complaints. Make it easy, sure...but make it easy for the human to be able to properly inspect the complaint to see if it's legitimate BEFORE doing anything. But to the original issue of accountability. If an ISP can't write a simple tool to take an IP address & timestamp and spit out a username from radius logs, how do you expect them to implement a hash-based rdns tagging system? Steve ---- Steve Birnbaum SkyVision Global Networks Phone: +44 20 83871750 Email: steve.birnbaum () sky-vision net Note that it is never the fall that kills, it's the landing.
Current thread:
- Re: Monumentous task of making a list of all DDoS Zombies., (continued)
- Re: Monumentous task of making a list of all DDoS Zombies. Iljitsch van Beijnum (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Scott A Crosby (Feb 09)
- abusereporting (was Re: Monumentous task of making a list) Mikael Abrahamsson (Feb 08)
- Re: abusereporting Suresh Ramasubramanian (Feb 08)
- Re: abusereporting (was Re: Monumentous task of making a list) Steven M. Bellovin (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Guðbjörn Hreinsson (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Sean Donelan (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 08)
- RE: Monumentous task of making a list of all DDoS Zombies. Steve Birnbaum (Feb 10)
- Re: Monumentous task of making a list of all DDoS Zombies. Suresh Ramasubramanian (Feb 10)
- Re: Monumentous task of making a list of all DDoS Zombies. E.B. Dreger (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. Sean Donelan (Feb 08)
- Re: Monumentous task of making a list of all DDoS Zombies. E.B. Dreger (Feb 08)