The one takeaway i get from this seems to be that the bad guys are perfectly aware of just where they can find loose or poorly implemented security and abuse policies - who is incompetent, who is malicious, who to abuse, who not to abuse

And action if any gets taken only after significant pressure is applied.

--srs

On 27-Aug-2016, at 2:39 PM, ox <andre@ox.co.za> wrote:

On Sat, 27 Aug 2016 14:05:38 +0530
Suresh Ramasubramanian <ops.lists@gmail.com> wrote:

Curious - what factors would these be that you identified?

But, at least two or more of the five factors are so very clear?

imho the most obvious is:
Effectively managing abuse depends on the interaction and relationship
between two main and different techs of the Internet

Those engineers that route and those that are system engineers

The second most obvious thing, in my opinion, may be that if you ask
ten of either of these what constitutes Internet abuse, you will
receive at least two and as much as five (or more), different answers.

and then there are so many other factors, what do you think the factors
are?


Andre


On 27-Aug-2016, at 2:00 PM, ox <andre@ox.co.za> wrote:

On Sat, 27 Aug 2016 13:41:28 +0530
Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
Worth a read
http://krebsonsecurity.com/2016/08/inside-the-attack-that-almost-broke-the-internet/

Yes, the actual logs that Brian Krebs publishes, of the
conversations, underlines and serves as clear proof of those
factors which serves to obtuse anti abuse efforts.

Until this is resolved, Internet abuse will continue to be
difficult to manage. This makes it difficult for anyone one the
Internet, including the Cyber Criminals themselves, to deal with
Internet abuse effectively anyway.

2c

Andre