[SATLUG] ATT Thanks you

Luis Garza luis at luisgarza.com
Mon Jan 8 16:57:09 CST 2007 


Daniel J. Givens wrote:
> Most ISPs do not take immediate action on these sorts of things. If
> they did, they would be completely overwhelmed. Think about how big
> AT&T is and how many customers, commercial and residential, they have.
> If you had a smaller ISP, then the response time might be better, but
> it is AT&T.
>
> Since most of these attacks are from zombies, there isn't much that
> can be gained. Law enforcement isn't going to get involved and the
> customer who's system is attacking you MIGHT get their account
> temporarily suspended. If you were being DDoS'd, then they would
> probably work with you more, but then again, if you don't have a
> commercial account, you wouldn't get top priority unless it was
> affecting other customers.
>
> I get people constantly beating on my SSH, web, and FTP services. I
> used to report them to the ISP they came from (abuse at whatever.com),
> but rarely did I ever hear anything back so I stopped. If it's not
> something that is actually going to break your server, then make sure
> your system is up to date and ignore it. Dealing with the numerous
> botnets is all part of having a publicly accessible service. If they
> bother you too much, start adding iptables rules against them like
> others have already said.

I get hit with ssh attacks all the time.  And I do IPTABLES DROP them. 
And I strongly suspect that this was a zombie pc being controlled else
where.

I think that it is the ISP's duty as a good net citizen by threatening to 
temperary drop the customer until the Windows Wimp installs SP2 and other
patches.  This will greatly reduce the zombie DDOS attacks and SPAMMERS
from using them to send out their junk.  This ISP's sit on the IPs like
they are gold but they let anyone abuse it.  I think that the INTERNIC
should make them be more responsible for their IPs or start taking away
blocks of IPs and sell them to a more responsible ISP.

Is just my thoughts on the matter.  Its just me remembering when being on
the internet was a priviledge.  If it was abused then you were kicked off.

It just seems to me that these hackers are using the zombie pc's to do
their dirty work.  Take away their tools then you take away their
livelyhood.  Can you just imagen how the internet would be :-)

A dreamer's rants....

More information about the SATLUG mailing list