Re: amazonaws.com?

• From: Peter Beckman
• Date: Thu May 29 14:46:23 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

Peter Beckman <[email protected]> writes:

If you are taking card-not-present credit card transactions over the

...snip "hard to charge fradulent customers" and also "verifying customer
identity annoys the customer"... points-

The goal here is to give abuse a negative expected return.  One way to do
this is to charge (and collect)  a fee that is greater than what the
spammer can earn between when they sign up and when you shut then down.
There are two ways to do this -  1. raise (and collect) the abuse fee, or
2. lower the amount they can earn before you shut them down.

 All these charges do is line the coffers.  Sure, a few might be prevented
 from doing it in the first place, but the rest will continue, and everyone
 else here, including Barry, will continue to get hit by spam and DOS and
 backscatter.

I wanted to point out another option providers now have.  IDS technology
has matured.  Snort is free and pretty standard.   Personally, I find
monitoring incoming traffic to be... of limited utility.  However,
I believe snort is an excellent tool for lowering the cost of running an
abuse desk, if you run it on the outgoing traffic.     Snort is pretty good
about alerting you to outgoing abuse before people complain.  Heck, if you
trust it, you can have it automatically shut down the abusive customers.

 This is what I think we should ALL be doing -- monitoring our own network
 to make sure we aren't the source, via customers, of the spam or DOS
 attacks.  All outbound email from your own network should be scanned by
 some sort of best-practice system before delivery to prevent or limit spam
 from originating on your network.  IMO.

 But let's be realistic -- the reality is that not everyone does, due to
 financial or resource or management constraints, and that receiving spam
 and being hit by DOS attacks and being slashdotted is simply part of the
 cost of being on the 'net.

 Profiting MORE from those that proliferate these attacks may hurt you less
 in the bottom line, but it still hurts everyone else who is the target of
 the attacks enabled by high AUP abuse fees.

 I know I'd be just as ticked off about a spam attack from Amazon EC2,
 whether or not Amazon got paid extra to enable it.

Beckman
---------------------------------------------------------------------------
Peter Beckman                                                  Internet Guy
[email protected]                                 http://www.angryox.com/
---------------------------------------------------------------------------

• Follow-Ups:
  • Re: amazonaws.com? Luke S Crawford

• References:
  • RE: amazonaws.com? Robert Bonomi
  • RE: amazonaws.com? michael.dillon
  • RE: amazonaws.com? Tony Finch
  • RE: amazonaws.com? michael.dillon
  • RE: amazonaws.com? Tony Finch
  • Re: amazonaws.com? Sargun Dhillon
  • Re: amazonaws.com? Steve Atkins
  • Re: amazonaws.com? Sargun Dhillon
  • RE: amazonaws.com? Skywing
  • Re: amazonaws.com? Dorn Hetzel
  • Re: amazonaws.com? Peter Beckman
  • Re: amazonaws.com? Barry Shein
  • Re: amazonaws.com? Peter Beckman
  • Re: amazonaws.com? Luke S Crawford

• Prev by Date: Re: amazonaws.com?
• Next by Date: Re: amazonaws.com?
• Date Index
• Thread Index
• Author Index
• Historical