Re: Home DSL Connections Hijacked for Porn

From: elihpomaps ton (no_spam_for_me_at_dev.nul)
Date: 07/13/03 

Date: Sun, 13 Jul 2003 00:19:41 GMT

"Beoweolf" <Beoweolf@pacbell.net> wrote in
news:rSZPa.314$Z76.70@newssvr19.news.prodigy.com:

> How do you make the leap from hijacked DSL / servers being hijacked
> and used by Hackers, directly to proposing a Draconian solution of
> stripping users of the right to run a home server?

You have no "right" to run anything except what your ISP allows in their
TOS (whatever that may be). They provide you with an email address and
usually with a web site location on their server. What reason do you have
to run your own mail or web server? Most cable companies and an ever
increasing number of ISP's are blocking home servers.
 
>
> All users are not the cause of the problem, thus all users should not
> be punished for the infraction. You proposal is elitist in concept and
> possibly places an unnecessary financial burden on legitimate,
> responsible users of DSL. Given that many supposedly professionally
> managed servers infected by worms, Trojan horses, virus attacks ...
> daily and repeatedly...how is it that you want to focus on amateurs?

Bull ***! Spam and kiddy hack attacks are burdens which lack of control
place on all the rest of us. The percent of "professionally managed"
servers with problems is a small fraction of poorly secured and unpatched
PC's sitting in bedrooms and living rooms.

"Amateurs" ARE most of the problem.

> Let's get our on house in order first, then worry about the 10%'ers.
>
> The chicken little doomsday predictions and/or hype is tiresome and
> does no one any good. DSL is a cheap alternative to T1, T3 lines and
> satify the bandwidth requirements of home as well as small office
> user. Education or fostering responsible prevention of problems, by
> applying relay prevention techniqes, installing firewalls (not ZA and
> BI) and NAT, would be more appropriate.
>

No one is arguing that either DSL or cable is bad. Most of the people who
post to this newsgroup have dsl or cable connections and are very happy
using the mail and web tools provided by their ISP. By blocking server
ports their ISP's afford them a greater margin of protection against
miscongfigure.

I am tired of getting spam and kiddy port probes from addresses which
contain the phrase "adsl".

The internet is not a toy. Here are two alternatives which more safely
allow experimentation and play:

            1. Find a webhosting provider who has a valid abuse address and
lets them configure their own servers with limited supervision.
                        or
            2. Arrange with their ISP to set them up with a static address and
a domain name. They then must maintain a valid abuse address and agree to
take the consequences of any security issues.
                        or
            3. Take a position as a sysadmin or systems analyst with a provider
or a corporation with a large IS Department. Then see if they still want
adsl and cable boxes to have unrestricted ports after 90 days in their new
position ...