Re: [Nolug] Need new internet service...

From: -ray <ray_at_ops.selu.edu>
Date: Thu, 12 Dec 2002 03:27:16 -0600 (CST)
Message-ID: <Pine.LNX.4.44.0212120237100.20368-100000@romulus.csd.selu.edu>

On Wed, 11 Dec 2002, Charles wrote:

> As for the "68.14.X.X" IP blocks.  If you obtain one from the DHCP
> server it is a mistake.  This block is reserved for our business
> customers.  And yes since they are part of the business block of
> course they will allowed servers to pass traffic.  If you are
> "borrowing" one, down and dirty you are stealing.

Hmmmm.... sure someone might down and dirty steal my car if i leave it in
a parking lot. That doesn't mean i'll leave the windows down with keys in
the ignition. Bottom line, if the network was properly secured, you
wouldn't need to quietly handle abusers. We're not talking rocket
science... if you see traffic from an ip with no lease, block it.

And why are business customers on the same network as residential
customers? I'm sure there is verbage somewhere that says the business
service is more "secure and reliable, that's why we charge more for it."
I would think it should be separate networks. Who gets to explain to the
business customers why their e-commerce site turned into a porn site for a
few hours cause little 12-year old Johnny borrowed their IP for a little
while?

I don't mean to start anything, and Charles i appreciate the info you have
provided. But to the current and future network managers, this sort of
abuse is preventable with proper network security. Falling back on your
acceptable-use policies, contacting authorities, calling abuse managers,
quietly handling users, etc etc etc... that's not the right way to handle
it. If someone sniffs your admin password cause you are telnetting, you
can't run to the CEO and say 'oh no no it's ok cause he violated the AUP
by running a sniffer'. That won't cut it.

Email abuse, breaking into other systems, threats, harassment... that is
abuse, and by all means contact abuse managers and local authorities and
get it dealt with. But don't threaten to sic the law on me cause i
"borrow" an IP address. Just secure your network. I guarantee it'll be
cheaper and cause everyone less headaches in the long run.

-Ray

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ray DeJean  				       	 http://www.r-a-y.org
Systems Engineer                    Southeastern Louisiana University
IBM Certified Specialist  	      AIX Administration, AIX Support
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
___________________
Nolug mailing list
nolug@nolug.org
Received on 12/12/02

This archive was generated by hypermail 2.2.0 : 12/19/08 EST