On Mon, Sep 01, 2008 at 11:08:20AM -0400, [EMAIL PROTECTED] wrote:
> > What is your price for cocaine?
>
> No, seriously.. If, as some estimates have it, 80% of the traffic is P2P, and
> as other estimates have it, 90% of that is copyright-infringing, then if that
> traffic disappears, anybody who
On Mon, Sep 01, 2008 at 09:21:24AM -0500, Laurence F. Sheldon, Jr. wrote:
> [EMAIL PROTECTED] wrote:
> >On Mon, 01 Sep 2008 08:48:12 -, Paul Ferguson said:
>
> >>Is this an issue that network operations folk don't really care
> >>about?
> >
> >If somebody's paying you $n/megabyte for transit/c
Eric, as you say, it is a multi part test. With fairly clear
distinctions between a compromised node and one under the direct
control of a criminal
So while it is unrealistic when viewed in isolation, put together with
other factors it starts to make a lot of sense.
thanks
srs
On Wed, Sep 3, 200
Suresh,
In a parallel universe we're considering profiles for "licit use" of
some mechanism. One element of a multi-part test to distinguish "licit"
from "illicit" was the presence or absence of known signatures for
malware. After some thought it was understood that this test was
equivalent t
There's this concept known as "dual criminality" in such situations,
when you're looking at international prosecutions (or whatever).
So, while lesé majesté - insult to the king - is a crime in thailand
(liable to get you lynched before you get prosecuted, at that) that
doesnt mean the thai author
Paul Ferguson wrote:
My next question to the peanut gallery is: What do you
suggest we should do on other hosting IP blocks are are continuing
to host criminal activity, even in the face of abuse reports, etc.?
Seriously -- I think this is an issue which needs to be addressed
here. ISPs cannot c
Paul Vixie said on 9/1/08 "OPN's are an unmanageable risk to
all of us. Netops people generally sweep OPNs under the rug, yes."
I agree completely, but how do we begin to address this problem?
Words are not enough, we need some action and that action, whatever it may
be will make
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Steven M. Bellovin" <[EMAIL PROTECTED]> wrote:
>On Mon, 01 Sep 2008 11:08:20 -0400 [EMAIL PROTECTED] wrote:
>
>> a) There exist providers that are willing to take money from scum.
>> b) We won't get rid of the scum until we admit (a) is true.
>
PROTECTED]
Subject: Re: GLBX De-Peers Intercage [Was: RE: Washington Post:
Atrivo/Intercag
[EMAIL PROTECTED] ("Paul Ferguson") writes:
> My next question to the peanut gallery is: What do you suggest we should
> do on other hosting IP blocks are are continuing to host criminal
>
[EMAIL PROTECTED] ("Paul Ferguson") writes:
> My next question to the peanut gallery is: What do you suggest we should
> do on other hosting IP blocks are are continuing to host criminal
> activity, even in the face of abuse reports, etc.?
depending on what you mean by "we", the immortal words of
On Mon, 01 Sep 2008 11:33:21 EDT, "Steven M. Bellovin" said:
> On Mon, 01 Sep 2008 11:08:20 -0400
> [EMAIL PROTECTED] wrote:
>
> > a) There exist providers that are willing to take money from scum.
> > b) We won't get rid of the scum until we admit (a) is true.
>
> I mostly agree with you -- but
Steven M. Bellovin wrote:
On Mon, 01 Sep 2008 11:08:20 -0400
[EMAIL PROTECTED] wrote:
a) There exist providers that are willing to take money from scum.
b) We won't get rid of the scum until we admit (a) is true.
I mostly agree with you -- but I get very worried about who defines
"scum".
Wh
On Mon, 01 Sep 2008 11:08:20 -0400
[EMAIL PROTECTED] wrote:
> a) There exist providers that are willing to take money from scum.
> b) We won't get rid of the scum until we admit (a) is true.
I mostly agree with you -- but I get very worried about who defines
"scum". Consider the following cases,
On Mon, 01 Sep 2008 09:21:24 CDT, "Laurence F. Sheldon, Jr." said:
> [EMAIL PROTECTED] wrote:
> > On Mon, 01 Sep 2008 08:48:12 -, Paul Ferguson said:
>
> >> Is this an issue that network operations folk don't really care
> >> about?
> >
> > If somebody's paying you $n/megabyte for transit/con
[EMAIL PROTECTED] wrote:
On Mon, 01 Sep 2008 08:48:12 -, Paul Ferguson said:
Is this an issue that network operations folk don't really care
about?
If somebody's paying you $n/megabyte for transit/connectivity, what's your
incentive to make them clean up their act and get rid of their P2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 08-09-01 à 12:34, Gadi Evron a écrit :
Workeable suggestions? So far I've seen,
* organized shunning
* BGP blacklists
I can see the "don't be the Internet's firewall" bunch jumping up
and out of their seats, spilling their cof
On Mon, 1 Sep 2008, William Waites wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 08-09-01 à 12:18, Adrian Chadd a écrit :
Oh come on, how quickly would that migrate to enforcing copyright
infringement? Or if you're especially evil, used by larger companies
to bully smaller companies
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 08-09-01 à 12:18, Adrian Chadd a écrit :
Oh come on, how quickly would that migrate to enforcing copyright
infringement? Or if you're especially evil, used by larger companies
to bully smaller companies out of precious IPv4 space?
With appropri
On Mon, 1 Sep 2008, Adrian Chadd wrote:
On Mon, Sep 01, 2008, William Waites wrote:
As mentioned in private email, I think where there is *evidence* of
*criminal* activity, show this to a judge, get the judge to order ARIN
to revoke the ASN/netblock, the traffic then becomes bogon and can/
shou
On Mon, Sep 01, 2008, William Waites wrote:
> As mentioned in private email, I think where there is *evidence* of
> *criminal* activity, show this to a judge, get the judge to order ARIN
> to revoke the ASN/netblock, the traffic then becomes bogon and can/
> should be filtered.
Oh come on, how qu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 08-09-01 à 10:48, Paul Ferguson a écrit :
My next question to the peanut gallery is: What do you
suggest we should do on other hosting IP blocks are are continuing
to host criminal activity, even in the face of abuse reports, etc.?
As mentione
* > On Mon, Sep 01, 2008 at 05:36:47AM -0400, [EMAIL PROTECTED] wrote:
>>
>> Serious question, that - how many long-haul providers would be in serious
>> trouble if all the spam and filesharing suddenly stopped and only legitimate
>> traffic travelled through their pipes?
>
> define "legitim
On Mon, Sep 01, 2008 at 05:36:47AM -0400, [EMAIL PROTECTED] wrote:
>
> Serious question, that - how many long-haul providers would be in serious
> trouble if all the spam and filesharing suddenly stopped and only legitimate
> traffic travelled through their pipes?
define "legitimate"
--b
On Mon, 1 Sep 2008, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Paul Ferguson" <[EMAIL PROTECTED]> wrote:
-- "Marc Sachs" <[EMAIL PROTECTED]> wrote:
http://cidr-report.org/cgi-bin/as-report?as=AS27595&v=4&view=2.0
My only concern here is that by the publicit
On Mon, 01 Sep 2008 08:48:12 -, Paul Ferguson said:
> My next question to the peanut gallery is: What do you
> suggest we should do on other hosting IP blocks are are continuing
> to host criminal activity, even in the face of abuse reports, etc.?
>
> Seriously -- I think this is an issue whi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Paul Ferguson" <[EMAIL PROTECTED]> wrote:
>-- "Marc Sachs" <[EMAIL PROTECTED]> wrote:
>>http://cidr-report.org/cgi-bin/as-report?as=AS27595&v=4&view=2.0
>
>My only concern here is that by the publicity this issue continues
>to receive, these a
On Sat, 30 Aug 2008, Paul Ferguson wrote:
I applaud GLBX's move to disconnect Atrivo/Intercage.
What the Armin/McQuaid/Jonkman report [1] documented are activities
that many of us in the security community have known for a couple
of years.
One thing that Krebs _didn't_ mention in his WaPo artic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Marc Sachs" <[EMAIL PROTECTED]> wrote:
>Unless I'm mis-reading this (or perhaps GBLX read Kreb's story and said
>good-bye to Atrivo/Intercage), it looks like they are no longer their
>upstream:
>
>http://cidr-report.org/cgi-bin/as-report?as=AS27
28 matches
Mail list logo