nanog mailing list archives
Re: Nato warns of strike against cyber attackers
From: Owen DeLong <owen () delong com>
Date: Tue, 8 Jun 2010 21:31:43 -0500
Sent from my iPad On Jun 8, 2010, at 3:27 PM, "J. Oquendo" <sil () infiltrated net> wrote:
Jorge Amodio wrote:None of this needs to be done for free. There needs to be a "security fee" charged _all_ customers, which would fund the abuse desk.With more than 100,000,000 compromised computers out there, it's really time for us to step up to the plate, and make this happen.Or you should send the bill to the company that created the software that facilitated to get so many computers compromised, some folks in Redmond have a large chunk of money on the bank. My .02Seems like it's come full circle again (http://irbs.net/internet/nanog/0412/0109.html) and I can always recall Rob Thomas' take on this (http://irbs.net/internet/nanog/0412/0222.html) "Filtering out bogons removes yet one more potential source of badness. Does it remove all badness? Of course not. We win by degrees. Removing any tool from the bad persons' toolkit is useful." Not forgetting Mark Andrews "Any operator not implemting BCP 38 is potentially aiding and abetting some criminal. BCP 38 is over 10 years old. There is no excuse for not having equipment in place to handle the processing needs of BCP 38." ISP's could actually offset the charges to customers with helpdesks to re-coup some equipment costs while maintaining a clean network. As for the "blame the software" comment, irrelevant. If bad hosts were minimized, there would likely be less compromises irrespective of the vendor of the software. Statistically I would think the number of compromises would go down but at the same time I believe the criminals would get smarter. That's just the nature of the beast.
It's not irrelevant. If it were, apache would be more frequently exploited than IIS. It isn't. Owen
-- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
Current thread:
- Re: Nato warns of strike against cyber attackers, (continued)
- Re: Nato warns of strike against cyber attackers Jorge Amodio (Jun 08)
- Re: Nato warns of strike against cyber attackers Valdis . Kletnieks (Jun 08)
- RE: Nato warns of strike against cyber attackers Aaron Wendel (Jun 08)
- Re: Nato warns of strike against cyber attackers Jorge Amodio (Jun 08)
- Re: Nato warns of strike against cyber attackers Jorge Amodio (Jun 08)
- Re: Nato warns of strike against cyber attackers Gadi Evron (Jun 08)
- Re: Nato warns of strike against cyber attackers Hank Nussbacher (Jun 08)
- Re: Nato warns of strike against cyber attackers Joe Greco (Jun 09)
- Re: Nato warns of strike against cyber attackers Dave Rand (Jun 08)
- Re: Nato warns of strike against cyber attackers Jorge Amodio (Jun 08)
- Re: Nato warns of strike against cyber attackers J. Oquendo (Jun 08)
- Re: Nato warns of strike against cyber attackers Owen DeLong (Jun 08)
- Re: Nato warns of strike against cyber attackers JC Dill (Jun 08)
- Re: Nato warns of strike against cyber attackers Paul Ferguson (Jun 08)
- Re: Nato warns of strike against cyber attackers Owen DeLong (Jun 08)
- Re: Nato warns of strike against cyber attackers Paul Ferguson (Jun 08)
- Re: Nato warns of strike against cyber attackers Owen DeLong (Jun 09)
- Re: Nato warns of strike against cyber attackers Jorge Amodio (Jun 08)
- Re: Nato warns of strike against cyber attackers Barry Shein (Jun 09)
- Re: Nato warns of strike against cyber attackers Henry Yen (Jun 10)
- Re: Nato warns of strike against cyber attackers Larry Sheldon (Jun 10)
- Re: Nato warns of strike against cyber attackers Chris Adams (Jun 09)
- Re: Nato warns of strike against cyber attackers Larry Sheldon (Jun 09)