nanog mailing list archives
Re: Death of the Internet, Film at 11
From: "Ronald F. Guilmette" <rfg () tristatelogic com>
Date: Sun, 23 Oct 2016 16:19:18 -0700
In message <26b01962-9b09-11cb-0ac8-89cf3e0a5f96 () nuclearfallout net>, John Weekes <jw () nuclearfallout net> wrote:
... I've recorded about 2.4 million IP addresses involved in the last two months (a number that is higher than the number of actual devices, since most seem to have dynamic IP addresses). The ISPs behind those IP addresses have received notifications via email...
Just curious... How well is that working out? I've tried this myself a few times in the past, when I've found things that appear to be seriously compromised, and for my extensive trouble I've mostly received back utter silence and no action. I remember that after properly notifying security@ some large end-luser cable network in the SouthEast (which shall remain nameless) I got back something along the lines of "Thank you. We'll look into it." and was disgusted to find, two months later, that the boxes in question were still utterly pwned and in the exact same state they were two months prior, when I had first reported them. I guess that's just an example of what somebody else already noted here, i.e. that providers don't care to spend the time and/or effort and/or money necessary to actually -do- anything about compromised boxes, and anyway, they don't want to lose a paying customer. So, you know, let's just say for the sake of argument that right now, today, I know about a botnet consiting of a quarter million popped boxes, and that I have in-hand all of the relevant IPs, and that I have no trouble finding contact email addresses for all of the relevant ASNs. So then what? The question is: Why should I waste my time informing all, or even any of these ASNs about the popped boxes on their networks when (a) I am not their customer... as many of them have been only too happy to gleefully inform me in the past... and when (b) the vast majority simply won't do anything with the information? And while we are on the subject, I just have to bring up one of my biggest pet peeves. Why is it that every time some public-spirited altrusitc well-meaning citizen such as myself reports any kind of a problem to any kind of a company on the Internet, the report itself gets immediately labeled and categorized as a "complaint". If I spend some of -my- valuable time to helpfully try to let somebody else know of a problem on their network, or with their web site, and if that report gets categorized as a "complaint" then what does that make me? A "complainer"?? I don't need this kind of abuse and denegration from people who I'm trying to help. Like most other people, if I am in need of some personal denegration and abuse... well... I have relatives for that. Regards, rfg
Current thread:
- Re: Death of the Internet, Film at 11, (continued)
- Re: Death of the Internet, Film at 11 bzs (Oct 23)
- Re: Death of the Internet, Film at 11 Martin Hannigan (Oct 23)
- Re: Death of the Internet, Film at 11 bzs (Oct 23)
- Re: Death of the Internet, Film at 11 Jean-Francois Mezei (Oct 23)
- Re: Death of the Internet, Film at 11 Aaron C. de Bruyn via NANOG (Oct 23)
- Re: Death of the Internet, Film at 11 Jean-Francois Mezei (Oct 23)
- Re: Death of the Internet, Film at 11 Eric S. Raymond (Oct 23)
- Re: Death of the Internet, Film at 11 Ronald F. Guilmette (Oct 23)
- Re: Death of the Internet, Film at 11 bzs (Oct 23)
- Re: Death of the Internet, Film at 11 Ronald F. Guilmette (Oct 23)
- Re: Death of the Internet, Film at 11 Stephen Satchell (Oct 23)
- Re: Death of the Internet, Film at 11 David Conrad (Oct 23)
- Re: Death of the Internet, Film at 11 Stephen Satchell (Oct 23)