North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [Re: Firewall stateful handling of ICMP packets]

  • From: joshua sahala
  • Date: Thu Dec 04 11:36:45 2003

Sean Donelan <[email protected]> wrote:
> Did news stories about this get other people in New Zealand to fix their
> computers, apply patches, use anti-virus? Or were were lots of stories
> about the "evil" telco ruining grandmothers and orphans? and the telco
> eventually waived the charges?

probably a little of each - and each will likely be temporary.  users
will keep updated for the near-term, and telcos/isps might waive 
charges.  however, relying on either will lead to further problems (as
we have seen, and will continue to see).  
> Toll charges do encourage PBX owners and cordless phone makers to 
> improve the security of their products?  Most cordless phones (unlike
> WiFi) now have automatic authentication between the handset and base
> (not encryption, just authentication).  Most PBX's block outside to 
> outside phone connections (the telephone version of proxy/relay) by 
> default now.

enough pain will eventually cause a change (and/or a higher pain
tolerance).  so far, pain tolerance by most users is rising, but not
much is changing.  users are still ignorant as to what is wrong or how
to fix it (as you have pointed out to me in previous emails), no matter
how many news stories there are, or how many 'helpful' emails are sent
by isps or manufacturers.

> If ISPs charged customers $0.000001/email message, would it cure spam
> or would the spammers just continue to use third-party victims to spam
> and there would be lots of news stories about grandmothers and orphans
> getting huge ISP bills?  IANAL, but many spammers are already breaking
> a law by using victim machines without authorization; but would law
> enforcement be more likely to do something if the victims now had a
> $50,000 bill from their ISP due to the unauthorized traffic?

it still comes down to figuring out who is doing it, and then getting
enough evidence to 'stop' them.  even the ones we know are spammers have
gotten pretty good at using fronts for their operations:  and when you 
have tens-of-thousands of vulnerable computers with 'fast' connections, 
you don't have to try very hard.

we keep beating this same horse from different angles and hoping for
different results.  unless someone out there has a crystal ball and can
predict the next exploit (and then magically fix it), we will beat it
again next until then, i am off to remind my less clueful 
friends and family members, again, not to apply the 'newest security 
patch' email from [email protected]

(not even worth $0.02 today)


"Walk with me through the Universe,
 And along the way see how all of us are Connected.
 Feast the eyes of your Soul,
 On the Love that abounds.
 In all places at once, seemingly endless,
 Like your own existence."
     - Stephen Hawking -