[72006] in North American Network Operators' Group
Re: BGP list of phishing sites?
daemon@ATHENA.MIT.EDU (Patrick W Gilmore)
Mon Jun 28 19:08:32 2004
In-Reply-To: <EC19F386-C951-11D8-B450-000A95CD987A@muada.com>
Cc: Patrick W Gilmore <patrick@ianai.net>
From: Patrick W Gilmore <patrick@ianai.net>
Date: Mon, 28 Jun 2004 19:07:43 -0400
To: nanog@nanog.org
Errors-To: owner-nanog-outgoing@merit.edu
On Jun 28, 2004, at 6:24 PM, Iljitsch van Beijnum wrote:
> On 28-jun-04, at 18:47, Paul Vixie wrote:
>
>> the root cause of network abuse is humans and human behaviour, not
>> hardware or software or corporations or corporate behaviour. if most
>> people weren't sheep-like, they would pay some attention to the
>> results
>> of their actions and inactions.
>
> It's easy to blame the user, and usually they deserve it, even if
> they're innocent this time they're guilty of something else. But if
> software is created in such a way that regular users manage to screw
> up consistently, maybe the software can be improved rather than the
> user chastised?
Software definitely needs to improve.
However, if you mailed out an attachment with the subject "this is a
virus, do not click on it", encrypted it and put the password in the
body, the virus would still spread like wildfire.
Never underestimate the power of human stupidity.
Which is why blacklists that depend on the ISP to continually train
"lusers" or risk disconnectivity for non-stupid users may not be the
right approach. People who run such ISPs CANNOT train all lusers all
the time. And the alternative is to not have end-user ISPs (i.e. not
an option).
Or maybe that is the way to go. I really don't know at this point.
But I do know if I were still running an ISP, I would instantly filter
any user / host / netblock proven to be infected / C&C / phishing site
/ etc. And I would not subscribe to any blacklist which had entries
for non "bad" IPs.
As I Am Not An ISP, I can only vote with my dollars.
Your network, your decision. My dollars, my decision. And I buy a lot
of bandwidth.... :)
--
TTFN,
patrick
