> As for someone saying the attacking a network not under your control is ethical > and Legal, I will remind that person that this system is in Texas, and we have > statutes making the practice illegal, and subject to substantial fines. Put > that together with an Attorney General who is enthusiastic about prosecuting > computer crimes.
Wow. So do you filter folks using Outlook that do an SMTP get every minute or so with the default settings in Office 2k/xp? Are they *attacking* you as well? Frequent web hits from the same client? Not clear from your site how you bill, but industry standard is either 95% peak usage or total GB per month. If I'm paying for traffic, you shouldn't care what it is, as long as it's legal. It comes down to what's an attack. I'd have trouble understanding six pings being an attack -- many small businesses (same folks who use shared servers and lots of your customers, right?) use 1 IP address and NAT it. Try this scenario "Bob, I can't ping the server. Can you try Sue?". "No luck here Bill, I'll try it from the server". "alright, i'll try it again though. "Nope, that's not it either, I'll try it from the router/pix/whatever". "Ok, now I have to call support to see what's up.... " "Yes sir, I understand you're having a problem. Oh -- you were attacking our server and we turned you off". Not very customer-centric. And I bet you'd have trouble defending that in court under that Texas law.... though I'm not familiar with Texas statutes, but I am with Virginia's -- and we're the Silicon Dominion so there's quite a few hi-tech laws. But redalert.com (now part of Keynote now) isn't violating any laws as far as "attacking" sites. No question Welchia violated laws, but there's a big difference between Welchia pinging you and a *customer* monitoring the site they pay you for. I'm the first person to say monitor the service you really need to monitor -- eg HTTP if it's web, SMTP if it's outbound mail, etc. Personally I'm a big fan of nagios and most every service provider I've ever dealt with had at least MRTG running internally to provide a window into uptime. That said, I still start with a ping when someone tells me we have a problem. > Like it or not, unnecessary internet traffic is just that, unnecessary. So get > a real job. Who judges what's "unnecessary"? All that graphic crap, flash, etc all get in the way of the text content. It's sort of unnecessary so just filter it out too? And the stupid stuff -- let's get rid of that. No more Survivor fan sites. And none of these useless newsgroups :) Welchia was nasty, but a block on the appropriate RPC ports at the perimeter routers and a little proactive monitoring of the syslog for scanning pings is plenty to protect you. It's not *that* hard to write a perl script that's a little more forgiving. We share space with Crutchfield and a couple other large regional companies and had no issues other than general slowness from the *rest* of world, particularly Adelphia which handled everything pretty darn poorly. Regards, John Paul Ashenfelter CTO/Transitionpoint [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm?link=i:4:138317 Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 ColdFusion MX 6.1, now 2.5 times faster. http://www.macromedia.com/software/coldfusion/productinfo/upgrade/jump/introducing.html?trackingid=ColdFusion_468x60g_HouseofFusion_carat_082803