Re: Another source other than KRNIC?

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 11/10/05


Date: Thu, 10 Nov 2005 14:14:07 -0600

In the Usenet newsgroup comp.security.firewalls, in article
<dkvoka$bg6$1@canopus.cc.umanitoba.ca>, Walter Roberson wrote:

>I don't think that effort is worthwhile over the long term.
>Our site gets over 100,000 abuse attempts per day -- and our site
>is not an "attractive nuisance".

With that kind of number of hits, it's probably connected with something
over a T1 - that is attractive to spammers and zombie controllers.

>If one supposed that each distinct attempt involved an average of 100
>entries (the real average is far far lower), then that would still
>be 1000 reports per day to generate. If we could review the data
>and make a decision and dispatch a report every 10 seconds, that would
>still be 2 3/4 hours of intensive review... every day. And that's
>provided that one had well-automated tools that extracted the data
>and formatted it and looked up the abuse address...

Absolutely agree here.

>I doubt that there -is- a really useful registry of abuse addresses
>for Korea,

Much of what I've seen in abuse reporting seems to result in a negative
reaction, rather than any action being made to correct the abuse. Korea
became a prime target when they decided to put the Internet into every
school - maybe every classroom. At least initially, they made no effort
to install things in a secure manner, and the result was rooted boxes
sending tons of spam every minute. My understanding is that Korean
business finally noted that large chunks of Korean IP space was being
blocked, and THAT was impacting their bottom lines. They were able to
get the word out, and the security improved somewhat.

>and I'd be really amazed if there is a useful registry of abuse
>addresses for China

Agree

>(other than one that came down to reporting all the abuse to the
>political authorities in China for prosecution under China's laws that
>more or less provide for the death penalty for internet "crimes"
>including shaming the image of China.)

I don't know this to be true - certainly anyone spending a few minutes
reading the abuse newsgroups knows about the problem, and the sure cure
of blocking Chinese IP space, but _I_ haven't seen any reduction in the
amount of abuse from there, and if anything they are happy to receive the
spammers money for "bullet-proof" hosting services.

        Old guy



Relevant Pages

  • Re: Where do I report abusers and, or SPAM mailers?
    ... On Sat, 12 Apr 2008, in the Usenet newsgroup comp.os.linux.misc, in article ... news.admin.net-abuse.sightings Sightings of net abuse. ... sending abuse reports is a waste of time, ...
    (comp.os.linux.misc)
  • Re: Another source other than KRNIC?
    ... Our site gets over 100,000 abuse attempts per day -- and our site ... be 1000 reports per day to generate. ... I doubt that there -is- a really useful registry of abuse addresses ... of abuse addresses for China (other than one that came down to ...
    (comp.security.firewalls)
  • Electron abuse [WAS: Re: RANT, with condescending insults]
    ... Addicts call this 'dunking', and it is often a sign that DHMO abuse is spinning out of control, soon to proceed to the more extreme practises of 'washing', 'bathing' and even 'swimming'. ... Pre-rhythmic binges have been anecdotally reported to precede many fatal overdoses, but reports for *rhythmic* abuse immediately preceding death are relatively scarce. ... Often, especially with the crude saline product, the rhythmic-stage abuser has simply disappeared by the time authorities can respond to the report. ...
    (rec.arts.sf.composition)
  • Re: Electron abuse [WAS: Re: RANT, with condescending insults]
    ... Addicts call this 'dunking', and it is often a sign that DHMO abuse is ... although J. Random Toper reports in _The Rose ... the rhythmic-stage abuser has simply disappeared by the time authorities ...
    (rec.arts.sf.composition)
  • Re: Italian womans lawyers compare UK to nazi germany or North Korea
    ... as a bit of serious research into the large number of reports into ... Now I personally know a lot of very good parents of friends who I grew ... childrens services actually lead to the departure of Pope Benedict- our ... convicted of actual child abuse to maintain occasional supervised ...
    (uk.politics.misc)