On torsdag, dec 12, 2002, at 07:44 Europe/Stockholm, Bill Woodcock
> Patrik: ISPs do get in a bind sometimes when a customer's machine is
> broken into and used illegitimately as a warez server, in much the same
> way that credit card issuers have to worry about fraudulent use, and
> have any easy way to distinguish it from legitimate but high levels of
> use... And it's true that not giving end-users real addresses tends to
> reduce the frequency of break-ins and the attractiveness of using those
> machines as warez servers.
Just look at the 2nd derivative of the output of netflow from the
customer, and detect when it is positive. If it is too large, kill the
connection. Can be automated.
> However that's the stupid security-through-obscurity argument again..
> should both give out real addresses, and encourage users to stick to
> secure OSes, and if they're not using a secure OS, firewall them in a
> that the user can configure.
Exactly. As an extra service (which I am sure the user will buy), or
let a local ISP (Joe's Internet, tackle and meat) with 100-200
customers take care of that problem. Joe can sell the bells and
whistles including support to the end user.
Internet access is a commodity by now (believe it or not) and people
will buy it like milk. I have close to where I live, even if it is
(maybe because it is) out on the country side, 5 different locations
within 10 km where I can buy a new chain saw, but only one 15 km away
where I can buy an ethernet patch cable. Here everyone already have a
chain saw, still there is a market for 5 different stores to have
multiple brands on the shelf.
_THAT_ is why people feel hopeless.