[133510] in North American Network Operators' Group
Re: [Operational] Internet Police
daemon@ATHENA.MIT.EDU (Paul Graydon)
Fri Dec 10 12:50:47 2010
Date: Fri, 10 Dec 2010 07:50:41 -1000
From: Paul Graydon <paul@paulgraydon.co.uk>
To: nanog@nanog.org
In-Reply-To: <5A6D953473350C4B9995546AFE9939EE0B14CE55@RWC-EX1.corp.seven.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 12/10/2010 07:45 AM, George Bonser wrote:
>> From: William McCall
>> Sent: Friday, December 10, 2010 8:45 AM
>> To: Lamar Owen
>> Cc: nanog@nanog.org
>> Subject: Re: [Operational] Internet Police
>
>> To the folks out there that presently work for an SP, if someone
>> called you (or the relevant department) and gave you a list of
>> end-user IPs that were DDoSing this person/entity, how long would you
>> take to verify and stop the end user's stream of crap? Furthermore,
>> what is the actual incentive to do something about it?
> The behavior is no different than a street gang who would attempt to
> influence the behavior of a local merchant by threatening damage to the
> store. In the case of internet operations, we seem to tolerate the
> behavior or simply assume little can be done so many don't even try. If
> an ISP were to actively disconnect clients who were infected with a bot
> (intentionally infected or not), the end users themselves might be a
> little more vigilant at keeping their systems free of them. *But* any
> ISP doing that would also have to be prepared to invest some effort in
> trying to help absolutely clueless people (in many cases) remove these
> bots from their systems. It can quickly become a huge time swamp.
>
>
Not to mention the risk of lost business for customers that just can't
be bothered to fix broken machines.
Paul
