North American Network Operators Group


Re: botted hosts

  • From: Dean Anderson
  • Date: Tue Apr 05 18:53:04 2005

On Mon, 4 Apr 2005, Sam Hayes Merritt, III wrote:

> > Unblocking on customer request is an expensive operation, for both the 
> > ISP and the customer.
> 
> > And they frequently assume that network operations changes are 
> > free---Comcast reported that it would cost $58 million to implement port 
> > 25 blocking and notify customers, just for Comcast.
> 
> Anyone can come up with a number to convince themselves that they don't 
> need to do the 'right thing'. Comcast is probably using Docsis. Docsis 
> makes applying filters on a per user basis pretty darn easy.

That's not the only thing they have to do. They have to (probably)
	1) change the user service agreements
	2) notify users of upcoming change several times
	3) alter docsis on networks in hundreds of cities.
	4) Staff additional support to handle calls.
	5) lose business because many people want to send email to the 
server of their choice.

> AOL blocks outbound 25.

They've said this for many years, but I have hundreds of AOL addresses
that have tried to abuse our relays. Maybe they do in some places, but not
everywhere.

Aug  6  2003   172.155.12.106  Trace 1638

This sort of attempted open relay abuse stopped only after the open relay
blacklists shut down in late 2003.

Indeed, after about a year of complete quiet, abuse just started up again
about mid March, but not as strong as before:  Very few hosts, very few
nets.  Pretty lame, really, in comparison with the old days.  All from
Korea, and China targeting Korean ISPs, and one from Uruguay targeting
Uruguayan ISP.  Pretty definitely mailbombing by some open relay zealots
or script kiddies, who probably pass themselves off as anti-spammers.

It was interesting because I first got wind when some bounces were
received from a Korean open relay. I got them because they were forged av8
from: addresses. Possibly, av8 was the target. Now who would target av8 
with mailbombing?

		--Dean

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000