On 10 Aug 2011, at 12:21, Frank Gadegast wrote:
Michele Neylon :: Blacknight wrote:
On 10 Aug 2011, at 11:46, Suresh Ramasubramanian wrote:
Of course. Please do try to educate a botmaster, snowshoe spammer, nigerian scam artist etc.
We are talking about ISPs and LIRs *not* about network abusers
Disagreed. We have to talk about both, abusers and ISPs/LIRs.
I don't think you understood what I was talking about..
You cannot educate abusers, simply because they do it on effort.
But we have to educate or raise the communication level between ISPs/LIRs.
Like my example described: most abuse NOCs or very, very slow, uneducated, not interested, do not want to spend money aso.
Which isn't helped by a lot of the abuse reports that they get sent .. Something which could actually help would be work on better abuse report formats ..
I system that raises the level or trusted report sources, that only works between LIRs, could help, because - any LIR could be force to enter his details, so he will READ any description, why this system was introduced - reports from other, experienced LIRs/ISPs could be trusted, simply because they are experienced, they will not behave like normal end users, will try to use standarized reporting formats, present all needed infos and detailed log excerpts e.g and simply because they also want the same kind of qualified reports from others
There's a lot of this stuff going on already in "trusted" circles.
An introduction of such a anonymous communication server via RIPE NCCs servers could also be accompanied with snail mail, email, announcements, in the regulary RIPE reports, meetings aso …
You have to be very very careful how that is handled ..
LEA has their place in the larger scheme of things. It wouldnt be a bright idea to underrate, or underestimate them.
LEA actions only works, if the abusing server and the administrator of the attacked service are located in the same country
Not true Sure it's easier if they are in the same country, but if LEA works with their counterparts there's no reason why it cannot cross borders ..
Regards Michele Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection ICANN Accredited Registrar http://www.blacknight.com/ http://blog.blacknight.com/ http://blacknight.mobi/ http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845