Slashdot Mirror
@Home Responds to the UDP Notice
To the USENET Community:
In response to the recent UDP call for @Home Network to be removed from interacting on the USENET, we are submitting an official response with a proposal of short term and long term news spam prevention initiatives. Excite@Home is very committed to participating respectfully on the Internet, and we have taken previous requests for action seriously.
We have found that the primary source of our excessive USENET posting history comes from subscribers who have installed proxy software incorrectly. Unbeknownst to the customer, this mis-configuration has allowed outside access to the @Home news servers, and has resulted in our subscribers becoming spam relays. Because these various IP addresses create holes in our network, spammers have taken advantage of this mis-configuration, and have posted thousands of newsgroup messages through our news machines.
As of today, we are stepping up our involvement and taking more aggressive action by performing frequent network wide scans of our customer base to target proxy servers. Once these customers are identified, we are suspending their news service immediately. Re-enabling will not occur until we are assured that their machines are secure. We feel that this proactive effort will dramatically decrease the amount of extraneous news traffic originating from home.com.
We are committed to promoting better Excite@Home participation on the USENET, and we are in the process of modifying our current news product and news architecture. We are also implementing more user education as a parallel initiative.
With these new tactics in place, we are asking for an extension to our USENET access beyond the 18th of January and we are confident that the USENET community will see positive news statistics coming in the next few days.
David Jackson
Manager, Network Policy Management
Excite@Home
davjackson@excitehome.net
As a previous @Home user, I can safely say its not only the clients that are misconfigured. @Home is one giant orgy of misconfiguration in itself.
It's good to know that these companies have great P.R. directors that can fabricate such original excuses for these companies. What ever happened to straight honest answers?
Justin W. Williams
I don't buy their mumbo jumbo for a second. The one thing I did find humorous about the response was requesting an extension of the UDP.
If they would have taken precautions against spammers instead of blaming it on spam relaying, they wouldn't be in this mess.
Sock it to 'em.
Why do companies wait until after the problems get them in trouble to fix them. @Home should have fixed that a long, long time ago.
kwsNI
Well I think that this was a rather bold and audacious move by people. Concidentally is this legal? What happens if for example I am a researcher and want to send a usenet posting to someone and I use the @home service what then? Guess I'm screwed by the "wonderful" community.
My opinion of usenet is general is bad because there are no (hint here) easy to access methods for people using what I would term "public access terminals" where you cannot easily change things and add programs and such. Telnet usually could work but would generally suck. Sorry if I was a little vague about the matter in the last article.
Slashdot social engineering at it's finest
I feel @home is still to blame, 'cause they have the obligation to inform their clients about this kind of proxy behaviour. It's strange we always have to throw a rock before a ISP wants to take proper action.....
They got the message I think, but isn't it quite late
StarTrek.org Free Webmail
I for one have sincere doubts as to the amount of self-policing that @Home is likely to undergo- if they truely mean to install a process that will be beneficial to the internet community as a whole then they will need to begin forcing customers to have their proxy servers tested - my doubts begin here - who determines how well the proxy is/needs to be/ setup, is it @Home or will they submit the proxys to some kind of test that has been agreed on by the Usenet community??????
May the forces of evil be confused on the way to your inbox.
Somehow I don't think I want @home service. Misconfiguration? Security holes? Yes, I'd like to put my NT server with all my corporate information onto @home's network. Better yet, I'll give you the keys to my house while I'm at it.
There is no reasonable defense against an idiot with an agenda
:wq
I'd respond by saying:
"Ladies and gentleman of usenet, we've formulated a respose to your so called death penalty, f*** you."
Then I'd moon them.
(What do you mean I ripped off southpark, they got that idea from me... yeah..)
Only one post when I load it, but it is already a -1. That is quite disturbing. Moderators seem a bit ansy, but maybe it is something in their script.
You think it would be damaging to a national ISP to have this on them. "The only brodband provider banned! Join us today!" Yes...That would be an ad I would enjoy.
-God I hate adding my useless comments just to not be knocked in karma. And having to post as myself so the people who are scared of Anonymous Cowards can still read this. Sigh...
"I disapprove of what you say, but I will defend to the death your right to say it" - F. Voltaire.
The @Home network consists of many companies. 3 that I can think of is Excite@Home, Rogers@Home, and Shaw@Home (the last 2 are Canadian). There are probably others. What are the they doing to stop the spammers?
...this still doesn't change the fact that we hate you :-)
JD
I wonder what the response will be, this is essentially the same thing they have been doing for a while (I had sendmail misconfigured and they sent me an e-mail about it a while back) but the problem still exists.
Ultimtely, they are trying to place the blame on their customers, as crap as that is I would hate as a @Home customer if they somehow limited my internet access (ala AOL styls)
Fine. When I see that @Home is no longer the Net-PITA that it has proven itself to be, I'll remove the e-mail and Usenet news blocks I established some two months ago. (Yes: two months ago. I don't need somebody else to tell me when somebody has become a problem.)
I may just be a misinformed jackinape, but didn't the @Home network limit customer's uplink bandwidth to 256k, and disallow the running of any and all servers? Isn't the solution as simple as cutting off customers that are running servers? I know the server ban was a reason I didn't buy @Home... I don't see how they can use customer's servers as an excuse.
Read: Rabbit Rue - Free serial nove
essentially, they are saying taht it's clients who've set up proxy servers incorrectly, and that they will be more aggresive in helping customers fix mis-configured proxy servers.
Anything to shift the blame to anyone other than themselves!
//till
http://blog.klimpong.de
See, I don't think they really understand the problem here. You can try to be "proactive" about this sort of stuff as much as you want, but holes will keep opening up, and USENET will keep getting spammed through the holes, and once the spam is out,... same old problem. Even if you cut off their news access immediately afterwards, which only serves to aggravate the customer, who won't understand why they're being cut off.
But I'm glad to see the PR department has taken its normal approach to things - put as much spin on the problem as possible in a press release, then stall and see if everyone quits looking.
@home: Just lock down your news servers already. There's no reason for them to be hanging out in the open like that...
This is proof that the UDP works. The whole point of the UDP is to get someones attention in a very meaningfull way, and thats exactly what it accomplished here.
This is also proof that USENET can manage itself just fine without any "central authority".
----
Life if possible, art at any cost.
Well, at least now I know why port sentry picked up op-scan.home.net connecting to my news port last night.
ShadoWolf
I sent an email to Shaw@Home (Canadian supplier of the @Home service) yesterday regarding the UDP, and here's what they had to say:
--- begin e-mail
We are aware that a UDP has been issued against @Home and it is clearly an @Home issue. @Home is aware of the problem and is working on meeting the requirements to have the UDP lifted so that you will continue to enjoy the use of the news service. Due to the current activity and attention to this issue Shaw does not anticipate that the UDP will go into effect.
--- end e-mail
They're going to scan their network for customer-operated NNTP services and take those customers' news access away, because external spammers have been relaying through the customer-operated systems to the main news server?
... if you want a certain kind of network traffic not to happen, you don't just tell people not to do it and beat them with wet noodles when they do. You block it at the firewall.
Why not just block inbound NNTP connections going to customer systems? If what they want to say is "Our users have no business running their own news servers", then why let them?
This "solution" seems excessively punitive and insufficiently preventative: sure, it'll get the current batch of insecure proxies, but it will not stop the next batch.
"Tools, not rules", people
This morning at 1:37EST I got 14 NNTP packets thrown at me from 24.0.94.130 (ops-scan.home.net).
So what do they do, flip around and blame anyone using a home network. Good move @Home is about to piss off all their biggest users, unilaterally pulling the plug from anyone running a home network. Here's a better idea, try and relay NNTP and SMTP test messages through every IP in your network every day, and cut off all the Win98 Internet connection sharing systems ... err ones that relay.
As of today, we are stepping up our involvement and taking more aggressive action by performing frequent network wide scans of our customer base to target proxy servers. Once these customers are identified, we are suspending their news service immediately.
WTF is this? You know how many people I know that setup @home service with an old Linux box to proxy off the cable connection to the rest of the house? I know about 4 people that this is seriously going to piss off. They don't spam and their systems are very secure, but it looks like they are going to be @Home's sacrificial lamb to the UDP.
Is @Home stupid or what? Put username/password on their NNTP server and be done with it for christ sake. That is a hell of allot easier then doing broad network scans for proxies running on their clients machines...
They are a bunch of fsck twits, I say the go though with the UDP just because @Home is so fscking stupid and trying to push this PR/Marketing BS off for actucally doing some type of security on their own network.
My vote: Fire Em
"`Ford, you're turning into a penguin. Stop it.'" -THHGTTG
I'm not surprised that they responded as they did. It figures that they would shift the blame and ask for an extension. However, one of my friends pointed out that a lot of @Home users have webTV--and tend to make the average AOL user look positively intelligent.
The way he put it was something like "@Home users have gone a long way to making AOL a respected member of the community." I say enforce the ban, give them time to iron out their problems, then give them a 3-day trial period to see if they truly have reformed.
Who am I?
Why am here?
Where is the chocolate?
What is your Slash Rating?
I hate the word "proactive" anyway, but if you're going to use it, Excite@Home, at least use it correctly. It was too late to take "proactive" steps the second the UDP announcement was made. Let's see, what's the definition of proactive? "acting in anticipation of future problems, needs, or changes". Well, it would seem that spam is not a future problem for @Home, but rather an existing problem.
Deny @home users access to alt.sex.* for eternity and the rest will follow. You don't think they actually read anything else, do you?
Misconfigured @home user proxy servers have been the conduit for a great deal of Internet "mischief". Proxy servers everywhere are sources of security holes, but I'd be willing to bet that there are more proxy servers on @home's network than anywhere else. Give people a persistent Internet connection and they want to maximize their use of it. I've used @home for 2 years now, and their official policy regarding proxy software has been "don't ask, don't tell". At least now they're going to try to help users with some basic configuration. Will this stop ALL the spam coming from @home's network? No. It will help. The other piece of the solution is for @home to enforce its own AUP, and slam its subscribers who violate it. I do have to say that @home's response to the UDP was much than their response to any other issue they've had to deal with.
What access provider would want to be UDP'ed?
What I wonder is if they can do the scanning under the current TOS, or if they'll have to update their TOS first, which w/out reading it i estimate requires a 30 day or so period between posting and the effective date.
Need a Catering Connection
Usenet is an open forum, not some closed, unattainable clique like you're making it out to be. (The administrative side of it, however. . .)
-A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
Linux: Making NT security look like Rent-A-Cops
All I have to say is:
OpenBSD, Making Linux 'security' look like X-10.com's Rex-10 product.
Gratiutious 'quotation marks', the sign of a true cynic!
They're at it once again: They think the servers on their customer's machines are to blame for every evil. If they configured *their* network to limit the number of email messages from a customer to say 100/day they might actually stem the flow.
My email addr is chappel + @ + home.com and I get spam cc'd to c*@home.com. They could block this sort of thing out (and I have asked them to) but their claim it is that it is beyond their control.
clowns!
-B
Make everyone on @home go through proxy servers for internet connectivity and use NAT overloading.
For the humor impaired, please click the link to get the joke.
It may not be just, but it is fair, and that is more important.
Set phasers to maximum stun!
I'm at @Home customer who keeps regular logfiles and a firewall. I can tell you right now @Home does NOT scan anything except forwindows filesharing. Some of the @Home network blocks windowsfilesharing at the router, others scan for it and disable it. But if that's what they meant by "scanning for proxies", that's misleading.
Secondly, @Home has, at the time of this posting, not scanned the subnet *I* am on for anything on port 8000, or 8080. For that matter, I have heard a whole lot of nothing on the scanning front.
Thirdly, I have run nmap scans extensively across the @Home network. Sometimes not in stealth mode either. To date, I have received no e-mail from @Home asking me about this (it's for statistics, not hacking, incase they're reading this). This tells me security is very lax for @Home. I would not be suprised if spammers knew this. It's not hard to find out - ask any @Home customer.
Lastly, @Home customers rarely run proxies. I have scanned port 8000 and 8080 - there are maybe 2 per 1024 block of IPs. I have NEVER seen a scan from a remote site to port 8000 or 8080. So drop the charade about this being from "mis-configured proxies".
Also - @home has a strict AUP *against* security scans. They would be in violation of their own AUP to take action like what this guy has mentioned in the article. I was not able to locate their online AUP, but searching here or here should reveal it. If nothing else, I will scan it in and post it, as I still have the copy I signed.
From the UDP FAQ:
What about legal issues? Don't you worry about being sued? As UUnet (and others) have found, there is no legal requirement for other sites to carry or post their messages. Cancel messages are advisory in nature, and the sites which accept them have to have the ability to process them enabled in their software for them to be effective (the vast majority of sites have them enabled). UUnet threatened legal action when they were UDP'ed in August of 1997, but both the US Justice Department and the FBI (and presumably their own legal department after they consulted them) stated that there had been no laws broken and that they refused to investigate or act. Because none of their own equipment or networks were attacked, compromised, or even affected, there was no legitimate Denial Of Service (DOS) complaint that could be filed. What was happening, in effect, was an organized boycott of their messages. Nothing more, nothing less - and there is nothing illegal in all that. There would also be a horrendous negative public relations wave from actually instituting any legal action. When UUnet threatened, even more people came out in support of that UDP, contributions to legal funds were offered by a large number of people, lawyers volunteered to defend those participating in the UDP, and many ISPs promised to alias UUnet permanently (and work to get others to do the same) the moment they actually instituted legal action.
As another example, there was a rogue canceler, nicknamed "the Kikecanceller" [because his racially inspired cancel message paths all had "!kikecancel" (along with "!spiccancel," "!wopcancel," and others) in them], who was active for a short while. This rogue canceler nuked over 25,000 articles for no legitimate reason before his account got canceled. James M. Hawkins, the supervising agent at the FBI's Tulsa office, stated: "We don't have a case. I don't think we're going to be getting involved in the matter." The local United States Attorney's office was contacted about the cancellations and they replied that no law had been broken. (see the NY Times article about the "Kikecanceller". Note: this site requires you to enter a user name and password to access it, although it is free. There have been no reported instances of spam being sent to any test address that was used to enter the site, so it appears as if this data is only used by that site and not released to anyone who might utilize it for a spamlist).
-no broken link
i've been using @home for they're cable connection since the end of last october. They're connection speeds aren't bad, though they're techsupport is useless unless your running a windows system, and even if you're running a windows system, don't try configuring a LAN with they're help. More in regards to the topic at hand, i've personally experienced three (that i know of) IRC k-lines from dal-net, as well as being familiar with the usenet complaints. Though my email from them has yet to be spammed (more than anyother ISP i've been with anyway). IMHO, @homes services just aren't worth it if u have another ISP to go through that will offer u the same class of connection. (or better).
secure ones that is. I got a email from abuse@home.com asking me to _secure_ my mail server...not to shut it down..so I take from that that they are allowing servers to be run. (why did they ask me that? well..uhh, cough cough, sendmail was allowing relaying to the world, I just went with the default setup from RH6.1, and didn't have time to tweak it much, until I got that letter) incidently I got that email about 2 months ago.
The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
You know, I imagine the despammers aren't going to be satisfied with a press release ... it'll be interesting to see if the spam level actually drops or if this was just a PR move.
So the problem is not @home users spamming usenet, the problem is @home users setting up proxies incorrectly so that external users can spam usenet. Is that right?
Well, its Creative... I'll give them that.
This really is the best they could come up with on short notice. I mean they can't possibly get their staff to actually enforce usenet spam rules, considering that would require hiring more staff who have a clue what usenet *is*.
Considering how small @home's user base is compaired to someone like AOL, the fact that they are being targeted by the UDP shows just how bad the problem is, their users must be generating tremendous amounts of spam per user to cause such problems.
I for one don't believe this solution of theirs is a real solution at all, and until the numbers show that the problem has gone down dramatically, I say hit them with the UDP as planned. If the numbers between now and then do show that they are having an impact in their efforts, then give them more time. But make them be the first to move, don't give an inch until they do something about it. Its the only way to deal with big corporations that don't actually give a damn about the Net itself or anything except their own bottom line.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
I think they're talking about the old version of Wingate that was setup by default to allow anyone to connect to anyone else. The perpetrators are probably just bouncing their messages off of a bunch of known Win9x machines running Wingate.
If they scan your computer and find you have an email server (which a lot of Linux users do for personal use) will it be shut down?
Wondering...
Ben
My usual seat in the cluetrain is at A HREF="http://pub4.ezboard.com/biwethey.ht
If I am an ISP sysadmin I do ***NOT*** own the network or even the machine that the network is attatched to. I do not even own a single byte of data that is transfered in any way shape or form. I am sorry to be this blunt but if I for example hire a person to squish grapes to make wine the grape masher does not have a word of say at all in the process of making the wine. All he has to do is smash grapes and not complain. All that he does is carry out orders from others using a set of fuzzy logic and AI that machines cannot perfect in that particular case.
Slashdot social engineering at it's finest
Funny that you got that email, this is a quote from their web page.
Can I attach a server to your network?
No. The @Home service is for residential, casual use only and does not support or allow servers of any kind from the home. At this time, @Work® offers products that allow the kind of connectivity a server requires. Please visit @Work at work.home.net.
Indeed. And also remember, that, to quote your own argument, no one is harmed by a DOS attack. So, friedo, obviously you will not complain if I mount a prolonged and sustained DOS attack on you because I disagree with somethin gposted by ANOTHER user of your ISP, right?
Oh, silly me, I forgot. That's different (erm, actually, no it is not).
Does anyone remember when Netcom was sentenced with the UDP? (about two years ago maybe?) It was an almost identical situation, if I remember. Netcom refused (for ages!) to respond to any abuse complaints, and refused to lock down their servers. When the UDP was announced, they made some shuffling, 'we'll fix it' noises, but did roughly bugger-all. This went back and forth until the UDP was finally put into effect, with fairly devastating consequences. After a while, Netcom relented and started to behave.
I don't like the fact that these companies are so irresponsible that we have to take a big stick to 'em, but ultimately it will prove successful. I vaguely remember that it's easier to reinstate a UDP once it's been applied once, so any number of half-measures on @Home's part will fail. Responsible behaviour is the only way out of this.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
A see a lot of incredularity (plus some remaining "Hey, that's not fair) on other posts, and while I'm in general, a cynic, I have to agree with this. Sure, there's some bald-faced lies in here (i.e. the claim that they've always responded to the community), but that's to be expected from managment. As a techie that's worked in a couple of suit-type financial businesses, I'll attempt to suggest a probable dialog: admin in charge of way too much to management: Hey, we keep getting complaints about our usenet setup. I'm swamped and not a usenet expert. I either need some time dedicated to reading "Managing Usenet News" and someone to take over some of my work, or better yet, you should hire someone just for that. manager: Use.net? What's site's that? Why should we manage it? I don't have the headcount. Skip it. Admin to boss: Hey, I read on slashdot yesterday that we're getting UDP'd (since you haven't given me the duty to actually keep up on the admin news groups as I should, I didn't even see the post). Also about a bijillion torked off users are calling and emailing us. manager: What's udp? techie: manager: They can't do that! techie: manager: techie: We need to promise to crackdown and actually plug the holes, they'll almost certainly go for the promise, but they'll continue to watch us like hawks. Once they've gone this far, it's not that hard to reinstate the sentence if we lapse. manager : Do it. Write up a reponse and I'll couch it in appropriate language (which he completely bumbles, due to lack of understanding of his audience, but that's to be expected) Result? The cluestick approach will probably work once again. You just need a big enough stick, and on the net, short of an IDP, and arguable the RBL, the UDP is the biggest stick around. --Jason
I like lots of people. That doesn't mean I go carting them around the galaxy with me. --Dr. Who
This is NOT AOL. This is a high-bandwidth pipe into a household. AOL is dumb-down idiot proof software for idiots. People who use AOL have hundreds of other choices (depending on what number their modem dials) and choose AOL because they are DUMB. This is simply not true with @Home and I will be PISSED if this damn UDP causes @Home to disallow any sort of proxying on my machine.
if you just block nntp, that won't prevent people from exploiting open wingates and other full proxies. i'm not sure that this exploit applies to news, but it probably does. i know it applies to IRC - DALnet had a problem with people scanning the @home network (and some other isps, including one in mexico) for open proxies and then flooding the irc network by sending a few clients through each of the proxies they found.
DALnet responded to this by banning @home completely for a while. this ban has since been reduced to ~*@*.home.com (clients get a ~ if they connect form a computer not running an identd, and most real users run identd wheras most wingate computers do not).
--
The shareholder is always right.
No. HOWEVER, would YOU consider yourself screwed if your neighbours took legal action against you because SOMEONE ELSE'S house in the street had raw sewage spraying into the street?
THAT is what you are talking about...
MediaOne doesn't have anything to do with @Home. Their cable modem service is Road Runner branded. Just because AT&T is buying them does not mean you have @Home. You still have Road Runner, which isn't covered under this UDP.
Some guy yesterday put up a link to RR info at bofh.rr.com about what RR scans for-you may want to take a lookie at it.
Your analogy sucks.
The UDP is the same thing as if legal action was taken against your HOUSE because you had raw sewage spilling out onto the streets. It is now up to the owners of the house to correct the problem, fix the sewage leak, and then have the legal action stopped.
Yes Cox@Home still offers static IP addresses to subscribers in a few markets such as Las Vegas.
One theme we are seeing kicked around this board (by our friendly neighborhood Libertarian contingent :) is the statment that the UDP's success proves that central oversight, ie. government interference, is unnecessary.
This is largely true. The UDP is a demonstration of successful self-coordination and democratic mob action. Individual admins opt-in to the UDP, or they opt-out, with only their own consciences as judge.
However, traditionally, governmental oversight has never been necessary in cases like this one, where an entity is punished for harming others. As the Libertarians correctly point out, community action will generally take care of such rogues. But government has been necessary in cases where a universally unpopular, but legal, viewpoint is expressed by an ostracized group.
Consider a group basically everyone despises: white supremacists. If an ISP were to rise up, comprised entirely of Aryan Nation skinheads, and if their thousands of clients were to post every day their noxious personal opinions all over the web, there is a smal but real possibility that some news admins would call for a UDP against the service. There is also the possibility that this UDP would go into effect, although no actual crime or harm had been committed, and the silenced participants were exercising their constitutional rights to free speech.
In cases like the hypothetical one above, civil rights legislation has a real and legitimate role to play. In the UDP FAQ, it is mentioned that only a government can legally perform censorship. However, Libertarians can't have it both ways - either they can accept civil liberties checks and regulations from the Feds, or they must assume the responsibility of allowing Usenet to become a government unto itself. At that point, the distinction between censorship and "private choice" becomes indistinct.
I'm not against the UDP or weak government, but I'm not against centralized civil rights standards either - that is the notion behind the constitution of the United States after all.
-konstant
Yes! We are all individuals! I'm not!
-konstant
Yes! We are all individuals! I'm not!
There are several reasons why. #1: Consider that the volumes of spam we're talking about - probably gigabytes upon gigabytes - would easily paralyze a cable modem connection, particularly when, for most @Home users, the upload cap is approximately 128Kbps (approx. ISDN speed). For anyone to make use of this exploit would require probably a dozen cracked systems per spammer.
#2 Every one of those systems is already being used by a human being (scratch that - several human beings; we are talking about a proxy here), who are going to complain to @Home, at which point they would have put a stop to the spamming.
#3: A UDP is only proposed after repeated attempts to notify the non-compliant admins of the problem. When @Home was notified, they could have found the addresses that the spam was posted from and discovered this "proxy" problem much earlier. Indeed, proxy problem or not, @Home could have remedied the situation much earlier than they are.
#4: Occam's Razor. Mr. Jackson's explanation is not the simplest one that fits all the facts. The simplest explanation is that @Home users are being allowed to post unadulterated spam and not being punished for it.
Having said that, I'm betting the spam problem goes away before the deadline. This is the usual "we don't have a problem and we're fixing it" notice that goes out after most of the UDP's, and usually, the UDP doesn't have to be enacted because the ISP knows (and simply refuses to admit) that they have a problem - and they fix it to avoid the punishment.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
No servers of any kind are permitted to be run by customers on the network. If I was at home, I could give you the exact wording. Perhaps they are merely trying to discourage the ignorant who might install insecure servers, or provide legal muscle in case they decide to cut your service off. I was a bit dismayed when I read the contract, as I wanted to host my own website.
Going on means going far
Going on means going far
Going far means returning
Someone on one of the net-abuse groups pointed out that part of the reason @home got the UDP was that they didn't implement UDP...
No servers of any kind are permitted to be run by customers on the network. If I was at home, I could give you the exact wording. Perhaps they are merely trying to discourage the ignorant who might install insecure servers, or provide legal muscle in case they decide to cut your service off. I was a bit dismayed when I read the contract, as I wanted to host my own website.
Going on means going far
Going on means going far
Going far means returning
To me, it seems analogous to the following:
You don't like snail mail from AOL, Microsoft, and a few other American based companies. Therefore you decide to go around to everyone's house and take any mail, coming from any American address, out of their mail boxes and you put all of that mail into a pile. In order to receive the mail, the recipients need to go grab the mail from the pile.
Yes, yes, yes. I know. You don't have any obligation to carry the news yourself. I have read the UDP FAQ, I have been on USENET for many years, I even run a few news servers myself.
If you don't like it, decide to organize an OPT-IN boycott. Setting up cancelbots, etc, is an OPT-OUT boycott. If a news server admin doesn't want to participate in the UDP, they must specifically change their news server config to do so. I'm pretty sure that most news servers are set by default to accept ANY cancel message whatsoever.
Any UDP involving cancelbots is not analogous to a "I don't like 'X' network, so I will not carry their packets" situation, it is more similar to "I don't like 'X' network, so I will spoof their IP and send TCP Resets to any packets coming out of their network. If people don't like the TCP resets, they don't have to accept them." Of course, you know very well that most servers will accept TCP resets appearing to come from the host itself.
That being said, I support a non-invasive OPT-IN UDP (boycott) against @Home, because although some of the @Home affiliates/cable providers do a good job of abuse handling, some do not and @Home itself just plain sucks in handling abuse complaints.
If the relay is a misconfigured news server, then that will work.
If the relay is a misconfigured proxy such as wingate, however, this won't put enough pressure on @home users to increase the security of their servers. I'd say suspend outgoing news immediately, and disconnect them completely after a week but only after repeated attempts to reach them by e-mail and phone.
--
The shareholder is always right.
It seems to me that they are trying very hard to push te blame off on their users and not taking responsibility for their actions. It's their sysadmins and security people who are at fault here. I don't even think the "corporate" level had any clue at all. (I sent an e-mail, like everyone else, informing them of the UDP announcement. Instead of sending it to the support people though I sent it to the "Corporate PR" e-mail address on their site. ;-) (Before you ask - no I didn't get a response.)
Regardless they are still blaming the user when they should be blaming themselves.
"Bah!" - Dogbert
Although I've never been an active USENET user, I do have a couple very close friends who are EXTREMELY active. One of them is a USENET administrator (forum sysop, moderator, or whatever) as well as a respected authority on the topic of Spam (especially USENET spam). And I must just say... After reading the FAQ (yes, I read it... unlike many of the folks asking "is this legal?"), I find this whole thing refreshingly invigorating. This is a PERFECT example of self-moderation (read: self-government) of Internet activity. A UDP isn't one guy deciding to do this (like Rob Malda attempting to use Slashdot's main page to "reform" Lucasfilms for failing to release PM on DVD) -- an official UDP announcement (in contrast to individual recommendations) requires concensus among the nana-u admins. Perhaps Slashdot could learn from USENET's well organized approach to self-moderation -- and keep personal agendas out of the main page, and possibly prevent heinously unfair web/email abuses (slashdotting) of the innocent or uninformed. If a site really *deserves* the full force of the Slashdot community, it should come through concensus and organized community response -- not kneejerk sensationalism.
Go USENET.
~~~~~~~~
Signature illegible, could be somebody else.
IF said white supremicists are spamming those messages, then yes hit them with the UDP, and hit them hard.
If they are posting legitimately to groups where such discussions take place, then they are not abusing the system, just stating an unpopular opinion. In which case then they should not be hit with a UDP, although any Admin could decide to stop accepting news from them if he/she chooses to do so. I wouldn't, but I can't speak for the Internet.
Thats one thing you didn't make clear in your message is how the White Supremicists would be broadcasting this. If they spam it, then a UDP is entirely fair. If they don't spam it, then a UDP would essentially be unfair. Even assholes should be treated under the same set of rules as everyone else is.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
Unforgiving Spam Entering Networks, Eternally Tormenting?
So does this mean that the UDP will be lifted?
I know this is a little on a larger scale, but this is probably the metaphorical equivalent of "don't spank me mommy, I won't do it again!!"
Does this mean that @home should not still be punished? The damage has been done, and has been done for a very long time. Like someone said on NANA.usenet, it took 2-3 years of net abuse by @home to have a UDP put on them. 3 years of spam? And finally action has been taken on it.. only to have it blown off by a press release?
IMO I think @home needs a little time to think about what it did.
Oh, and on another note, aren't these people using residential accounts? Last time I checked, accounts that were spamming were cancelled. Flat out, all across the board. Not "Once these customers are identified, we are suspending their news service immediately."
*sigh*
--
The shareholder is always right.
Your argument essentially boils down to the equivalent of, "Because I pay money to go into a building to watch a movie, I have the right to do anything I want to there! It's my money!" If you try doing that in real life, see how far it gets you.
USENET is not a "public" (ie, government-run) forum. It's a whole bunch of private machines strung together, and when you buy an account with USENET, you buy the right to use one of those private machines to access the content carried from the rest of those machines.
Sometimes one of those private machines will start dumping crap into the channels used by the rest of those private machines. The owners of those other machines will take every possible initiative to try to get the owner of that one crap-spewing machine to cut it out. Finally, strictly as a last resort , they will tell the owner of that machine, "Until you get your act together, you can't join in any of our reindeer games" and thus kick him out of the network.
Yes, this hurts the little people who subscribe through that machine. That's the whole point! Now the owner of that machine will find himself under pressure from within as well as from without--either he fixes the problem, or his users leave him for other services that can provide what they need. And since the UDPers always give a good amount of notice, I would guess that most of the time a UDP is threatened, it never actually becomes necessary because the sheer threat of it is enough to force the offender to clean up his act.
At any rate, as others have noted, participation in a UDP is strictly voluntary; any site can configure itself to ignore cancels from UDPers. In practice, of course, few do, so the threat remains effective.
This is simply an example of USENET's self-regulation mechanisms at work...when someone gets too out of line, he either gets kicked back into line or gets kicked out. It's actually kind of neat, seeing how a system with no one governing body in charge can still regulate itself. Sort of gives you hope for humanity.
Editor Emeritus and Senior Writer, TeleRead.org
I used to work for an ISP as its postmistress/abuse type. When I took on the job, we were #1 on the spamhippo list, and were being threatened with a UDP(to take effect within a few days). Within 2 days I had the news spamming under control. **2 days** folks. In those two days, I cancelled something like 14 accounts. POOF!! Problem solved. Now, the ISP I worked for did not have the scope that @Home does, but it just goes to prove that if you just inforce your AUP (it ain't just there for looks yanno) you don't have the problem. You'll have flare ups from time to time, but you can put that fire out and poof. You're in usenet happy land. All you need is a logging server and the headers. It doesn't even take a lot of brains to do it. All @Home really needs to do is grab a bunch of techs who aren't doing anything, give 'em the spams, access to query the logging server and I bet within a few days they wouldn't have a problem anymore. I know we didn't.
Fortunately, they haven't blocked ports 21, 23, 23 and 80 (to name a few important ones). Not yet anyway. Now, if @Home blocked a port or 2 on their systems, could this be avoided altogether? Some RR folks are really upset that 25 is blocked for us, I'm dealing with it; the service is still better than dial-up. And it does give me some peace of mind that people can't try to abuse my box via sendmail. I'm just wondering if @Home is posturing with this "we're going on a hunt" thing because they don't understand that it may be as simple as flipping a virtual switch on the routers, and KNOW that they don't understand how to run things well.
@Home needs to protect their news servers so that only authenticated customers can post (proxy or not). If there is a spam, they can then identify where it came from and should selectively take action against that customer. Since @Home actually runs cables to their customer's homes, they don't even have the problem that customers cancel and resubscribe under a different identity; unlike other ISPs, they actually can enforce their policies. The UDP against them should continue until they do.
A buddy of mine had his service disconnected by @Home just a couple of weeks ago. He is running a crappy NT proxy server which handles lots of protocols. They said that vast quantities of SPAM were coming from his IP adress. Then they yanked his service!
I told him to use Linux. IP Masq wouldn't have got him in a pickle!
-- Mike Greaves
Here's my understanding of what would happen:
:)
:)
1) All USENET traffic originating from home.com would be blocked on UPD-participating NNTP servers.
2) All USENET traffic originating OUTSIDE of home.com would still pass through to @Home's NNTP servers, articles being available for @Home users to read.
3) @Home users could still post USENET articles, which would reside on @Home's servers (though not make it outside), and @Home users could still read other @Home user postings.
True? False? Halfway in between? If true, then a lot of the posts above screaming bloody murder would be going over the top a bit. @Home people wouldn't even really notice - they'd SEE all their posts, and everyone else's - they just wouldn't see any REPLIES to their posts by non-@Homers, as they're not making out to the rest of the world to be seen and replied to. And they'd also still see all the home.com-originating spam.
Sensible replies welcomed... keep thy flames to thyself, please
"People" using "unnecessary" quotes should be "shot".
It is also quite funny that when I called up to inquire about @Work, I was informed that customers are forbidden to run a web server. How ridiculous is that? They charge you more for no added value.
I seriously doubt that they will ban static IP addresses.
I speak only for Bresnan@home users in Michigan but everyone is assigned an IP address tied to the MAC address of the Cable Modem. When the technicians install the software on the computers they setup a static IP address in the Network settings.
The cost associated with changing all these people from static to dynamic IP address would be prohibitive. The additional cost of displeased customers leaving would also have an effect on this decision.
Regards,
CatNTHat
Of course it's company policy never to, imply ownership in the event of a dildo... always use the indefinite article a d
well actually if they use your definition of a server
"btw, icq is a server (it lets people connect to your computer on various ports), but they couldn't go after icq users"
They could go after ICQ users (and ftp users, I don't use passive do you?)
but they probaly won't
I started on Shaw@home over a year ago. That's because my ISP at the time wasn't offering high speed services in my city at the time. Over the last year my bandwidth has been cut down dramatically. In the last six months they converted from a microwave/satellite transmission medium to fiber. The fiber link was finished last summer.
Since then, my bandwidth has gotten WORSE! Mind you, it's still faster than a 56k modem :-). But luckily, my ISP of choice has gotten DSL in my area, and last month I was the first in town to get it installed! Wahoo!
In that time I experemented with different setups, NT with Wingate, Linux as a router/firewall. The network did change from the "early" days when I could do a "net view /domain:*workgroup" and see everyone in the neighbourhood's drives! (all hail Distributed.net!)
I still use things like BlackIce Defender to monitor my systems (I still haven't got scanned ethier from *.home.com) but I notice an increasing number of attempts to break through my firewall. Even some numpty trying to send through my sendmail to "a@aol.com" (he got a nice surprise too!).
My view: Death to Spam! Like a previous post said, they aren't being proactive, they're being re-active!
"History doesn't repeat itself, but it does rhyme." Mark Twain
I find it horribly amusing that for both of @Home's "We're sorry, and it's our users' fault" messages to Usenet (the original, and a repost after the first one was plonk'd), they resorted to forging moderator approvals to get their posts across.
The one solution that might make sense is for @Home to secure their news servers with an authentication method required each time a client wishes to read or post. They can tie this password with the users email password in their database. This should help defeat the proxy spam problem.
Some may argue that it is @Home's responsibility to educate their customers - which I partly agree with. But this process takes time, and is not an easy task.
Take two million computer illiterate households who decided to jump on the internet so they could buy books and cd's for grandma and grandpa for Xmas. Now picture Junior installing wingate or some other proxy software on mom and dad's machine so he could irc from both home and school. Of course, Junior didn't bother to secure the proxy - but that's neither here nor there. Now picture the difficulties involved in the ISP educating this household in what went wrong and how to fix it.
The USENET community should have patience and provide assistance. It's the UDP itself that has forced @Home to take such drastic action as shutting down news access to it's customers who have misconfigured proxies. So maybe folks should think twice before they scream about @Home "blaming" it's users. The last thing any company wants is bad customer service. The UDP forced the issue, and forced @Home to take this stance.
Don't get me wrong, I'm sure @Home could have been more responsive in the past... but keep in mind that the USENET community at large probably would not be privvy to @Home's behind the scenes activity; Nor would they be intimately aware with the number of emails or phone calls the @Home abuse department has made to their customers to correct misconfigured proxies.
The bottom line (IMO) is that USENET has given @Home an ultimatum, and @Home is responding. But this is not the sort of problem that @Home can fix overnight. The nature of their service and the shared network topology inherent in the cable network design create some unique security hassles. Everyone should do their best to understand the nature of the work required before they blast @Home for being unresponsive or for just not caring.
Lonnie
Man, all your posts should be moderated up as "Funny". :) I never cease to be amused by watching the kooks scuttle out like roaches when the light comes on in response to discussion of a UDP...
What is the network made of? Think about that for a moment. It's not made of T1 and T3 and other cables and routers...because by themselves, those wouldn't have any information flowing through them.
Soylent Green is made of peop--er, ahem, the network is made of computers. And each computer in that network is owned by someone. Be it a university, a corporation, a single person...all these count as individuals in the eyes of the law.
Just as a whole bunch of people who own a club may decide, collectively, that they don't want some other person in it, the whole bunch of people who own the network's computers may decide that they don't want some other person's computer using it. That's perfectly legal. As has been explained to you over and over and over and over. But you don't seem to get it, and will continue not to get it.
Oh well...at least you're providing a good reason for dozens of informed people to post their explanations so that those who are merely ignorant of the facts instead of stubbornly wrong-headed can make up their minds...
Editor Emeritus and Senior Writer, TeleRead.org
>so why can't I get a standard 56k modem and then get all the data from some reliable server
You honestly have no idea how news works, do you? There are tens of thousands of USENET groups. There are hundreds of gigabytes transferred DAILY. You'd fill your T1 line to the brim 18 hours/day if you pulled down all of USENET. a 56k modem would NEVER catch up - you'd be out of business in a half-hour.
News is not a free service. ISP's offer it to their customers - but ISP's pay for it. They pay in often massive equipment, time, bandwidth, and plain-old fees.
You want all of usenet? - pay a news-site for it. But don't expect it for free, and don't dream of hosting it yourself
I know I'm late to the party here, but there are lots of things wrong with this post:
1) You are not an @Home customer, you are a roadrunner customer.
2) Scans on ports 8000 and 8080 have jack squat to do with news proxies.
3) 2 proxies (and again your statistics are meaningless wrt news proxies) per 1024 addresses is PLENTY for them to be abused by non roadrunner customers (see point 1 for why this has nothing to do with @home customers). If roadrunner has 100,000 customers, that's almost 200 potential sites through which spam can be sent. And I believe @Home is much bigger than roadrunner.
When you get business service, you can have servers, choose from many different levels of bandwidth limitation, have multiple static IP's (paying extra for each of these things, of course, after paying way more than residential users to start with).
<sig>Guvf vf abg n frperg zrffntr
I agree. 11th-hour contrition is better than nothing, but rampant spammage was only part of the complaint against them. Granted, it was the most significant one, but it was their cavalier unresponsiveness to complaints that also needs to be addressed. Blaming munged proxy configs is all well and good -- I'll even give'em the benefit of the doubt that they are correct -- but they need to re-tool their method of responding to valid complaints (and ignoring them doesn't count). Since they did not bother addressing this aspect, their mea culpa strikes me as a bit anemic.
Woah. Woah there. Slow down just a second.
Right. Burn 'em at the stake? Let's see why again?
They didn't say they did. They said they will.
Right, I just don't get this. Do you know how long a scan takes? I'm not talking a script kiddie's nmap for open ports. I mean systematically probing an entire network for a stated behaviour with a sufficient timeout that you won't miss really slow servers (like, oh, say, ones that are already pumping piles of spam). They announced they'd start this as of today. Clue: it's not done yet.
And what do ports 8000 and 8080 have to do with this anyway? Are you talking about web proxies? They're a problem, sure, but tell me again how scanning for web proxies will get @Home out of the UDP? Can you even tell if @Home is scanning you on the NNTP port?
Heh. Gotta love the way you admit breaking your own ISP's rules on a public forum. And there are ways to judge relative security of an ISP. "I've run lots of scans and not been busted yet" is not one of them.
Signal 11, and everyone else, stop jumping on people when they admit they have a problem. This is good. @Home are doing the right thing when they admit this. It is the vital first step without which no further action can be taken. I know it's tempting to scream and roar at someone because they're evil, or because they snubbed you in the past. But these same people that are evil or snubbed you are the ones that we most need to take this step.
Please. If you think you can challenge @Home's statement, forward your evidence to the UDP people so they can consider it properly (clue: slashdot is not the best place to do this). But every time I see someone taking that first step and being met with ill-informed cries to burn, let 'em burn, I have to ask myself if I can actually ask the next guy to take it in good faith. I'm rapidly coming to the conclusion that I can't.
Dave
--
OK, so they posted a response. I actually know the guy that posted it (somewhat). Yay Mr. Jackson. You read the news.admin.* groups.
However, let's look at how it was posted. First, it was crossposted to the news.admin hierarchy. This is a no-no. They want you posting to the newsgroup that it is appropriate to. But let's overlook that transgression. It might have been an oversight on Mr. Jackson's part.
But he also forged the approval headers for the moderated newsgroups that he posted to. And that is a big no-no. Especially when you're pleading for your network's life. And it requires premeditation. You don't forge the headers by accident.
And not only that, but he has now attempted this three times. The first time it was canceled by someone who I assume is one of the moderators with the message "No forged headers on my watch". Then Mr. Jackson posted it again. It was cancelled again with the message "No, kids, you don't get it. No forge-approvals. No crossposting in NANAP." Now it has been posted a third time.
So how serious can @Home be if they have commited multiple acts of net abuse all on their own in responding to the action being taken against them for their customers' net abuse?
-Todd
---
"The details of my life are quite inconsequential..."
"All USENET traffic originating from home.com would be blocked on UPD-participating NNTP servers."
:)
True.
"All USENET traffic originating OUTSIDE of home.com would still pass through to @Home's NNTP servers, articles being available for @Home users to read."
Yep.
"@Home users could still post USENET articles, which would reside on @Home's servers (though not make it outside), and @Home users could still read other @Home user postings."
Yep.
The basic premise here is that the UDP keeps posts from @Home from propogating (sp?) to sites participating in the UDP. @Home users can still download posts as usual, it's just that when they post, nobody's really going to see them. But they can still see everything else, and yes, even the spam
--
The real Raunchola isn't cool enough to have any imposters
@Home will probably just ban users from having static IP addresses[*], running servers, and running Linux (because it's potentially "dangerous").
They already do on at least two counts. You can't run servers of any kind (e.g., shared printers on your LAN) and you have to use their Special Modified Version of Infernal Exploder to access account info. Most @Home systems also don't use static IP.
Lacking <sarcasm> tags,
Users who were around USENET before the great influx of .com folk still lament how it has degraded as a service. I for one am glad that the "USENET cabal" is clawing back some of USENET from spammers and internet-misfits.
Will there be some fallout from the UDP? Yes, probably. But if management at @Home had taken their responsibility to the rest of the internet community seriously they would not be in this situation - and you would not be complaining about what may or may not happen.
It is sad that the USENET community has to resort to the UDP as a final resort to enforce "playing nice". I hope that you, as an end-user are not penalised for @Home's poor management. But I am very glad someone has decided to make a stand.
> You're just ruining it for all of us.
They're making it better for you - you just don't see it.
Psike.
I think it's called Political Correctness. Or perhaps it's the notion that you're never wrong on an issue - you're just "misunderstood." Because of this, it's a wonder they can still teach an exact science like mathematics anymore!
This is the text of the email that I got...the way I read it is, as long as I set it up securely (and are not too high-volume) it is ok to run a server... Dear Rogers@Home Subscribers: In an effort to preserve the quality of our service to all our customers, the Network Security & Fraud department has performed a sweep of the network in your area. The tests that were performed found mail servers or misconfigured software that is allowing others to send email through our subscribers' computers anonymously. We are sending this you this notice, as it appears your computer is susceptible to this type of activity. If you are operating a mail server or some type of Proxy software (i.e. Winroute, Wingate, etc), please remove this server or secure the software to ensure it is not used in this manner. Due to the nature of this security problem, failure to secure your computer in a timely manner may result in a suspension of service until this condition is rectified. Your account will be re-examined within 5 business days of this notice. Please ensure that you have removed all servers from your system or secured any software that may be allowing the relaying of e-mail.
The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
Well, let's see. There's Deja & Remarq just for starters.
Yahoo also has a listing of public-access USENET sites. Sadly, spammers being who and what they are, most public-access sites that allow posting soon become abused right out of existence.
For those willing to pay a bit of extra money, there is also Yahoo's commercial news server category.
There are always choices for USENET service. Even if you already pay your ISP for its USENET, additional access elsewhere isn't really all that expensive. These are also viable options for people who use free dialin services like AltaVista or Blue Light that don't provide anything beyond bare-bones dialup access.
Editor Emeritus and Senior Writer, TeleRead.org
I'm tired of you filling up my DENY log files with your stupid scans!
Hi, just MHO, but I think you get more mileage out of REJECT than DENY... my home machine uses DENY for pings, and REJECT for portscans.. it's a little bit more traffic, but it can fool scanners into thinking that you're not firewalled
what does it matter? well, deception... I'd rather keep 'em guessing than let them KNOW that some ports are filtered.. because (after all), if you're filtering ports, it must be because you have something to protect, right? With NMAP, a portscan reveals ports that are open, and ports that are filtered.. but ports with nothing running at all are ignored... REJECT spoofs this behavior..
Oh, and I DENY pings because it frequently stops address-scans dead (no machine responds at that address, so they don't bother to portscan it later..).. again all part of the "keep-'em-guessing" defense..
Again, this is just IMHO...
Actually, on second thought, the last thing we need is another idiot on USENET:
Forget I said anything at all about USENET being easy to access in a number of different ways. It's really very hard and confusing, far too complicated for anyone to want to use it. No fun at all. Stick to AOL - you'll fit right in there.
@Home is going to step up port scans? Did I miss something or have the Usenet admins been giving @Home all the information necessary for many many moons?
/dev/null, and this latest press release sounds suspiciously like more of the same.
The UDP isn't because @Home has a few bad apples, it's because they've routed reports on those wormballs to
IMHO @Home is welcome to be an intranet until messages sent to abuse@home.net get responses, and preferably responses like the ones sent to abuse@erols.com
Slashdot does not have the ability to cancel posts, so please moderate this up so people can be made aware that this post contains several factual errors. I appologize.
~ Signal 11
Best thing is to handle this the way you handle a child's tantrum: let "slashdot-terminal" (how pretentious! and the .sig! oh dear ...) have some quiet time alone, for starters.
bye frank.
Because you are a firm believer that other people should be required to carry your traffic, then obviously that rule works in reverse. You should be required to carry MY traffic.
:-)
Please install an OC-3 line at your house, and run a dedicated connection to my house. Even though the OC-3 would be your own private network, you should owe it to me to carry all my traffic for free.
Do you see the problem? I've got a computer, and I've got a modem. I choose not to carry everyone's traffic through my modem because it would be a burden on me. I only carry the Usenet traffic that I read myself. You cannot and should not be able to force me to carry traffic on my own modem that I choose not to carry.
If tits were wings it'd be flying around.
As of today, we are stepping up our involvement and taking more aggressive action by performing frequent network wide scans of our
customer base to target proxy servers. Once these customers are identified, we are suspending their news service immediately.
Re-enabling will not occur until we are assured that their machines are secure. We feel that this proactive effort will dramatically
decrease the amount of extraneous news traffic originating from home.com.
Funny but this seems suspiciously like a placating move by the @Home people until they do initiate some changes other than what is specified in the response. I say this because I recently received a form letter from @Home saying they will be changing upstream perfomance for all subscribers by capping it at 5k/s. This is to take place sometime in January (I can't remember the exact date). What's more, the wording of the letter was vague and acutely clueless in its reasoning:(I'm paraphrasing here)
We will be enforcing this because some customers are abusing their bandwidth which is in turn detrimental to the new customer experience.
Excuse me?! What about my 40 bucks a month for the last 6 months?!
This tells me 2 very important facts concerning @Home as an ISP:
1) they have no clue how to properly police their own network, and
2) they will change policy and service on a whim to punish many for the abuses of relatively few.
Another corollary implication that comes to mind is that @Home cares little for current customers (We have your credit card number, we charge it monthly, and hey, you STILL have some of the best speed-wise connectivity around.) and more for garnering the attention of new customers. Whats the first thing you look for in claims of speed from an ISP? That's right, download speed, which, thankfully, @Home isn't touching...yet.
Well, to make a long story short @Home is/will be doing something about the USENET abuse it's just not what was passed on in their official response. However, I have feel absolutely certain that whatever @Home manages to concoct as a solution to USENET abuse by it's network will be just as effective as it's changes-to-be-made-soon-now that were shared in the UDP response.*chuckle*
Jakus, a miffed @Home user
--
You can be an atheist and still not want to succumb to some weird cross-over sheep disease -- AC
Mr. Stallman, if you're going to post on Slashdot, you really should use a different account name. :-)
Has anybody got any traffic data to see if the UDP is taking a substantial chunk out of the amount of spam released? I'd be VERY interested in seeing that.
I have read a lot of Cox@Home bashing here and wanted to say that I rather like my Cox@Home service. It's fast. I can download MP3's and Linux updates in a reasonable amount of time. I can navigate from one slashdot article to another in just a few seconds (this is my favorite).
To protect my machines from misuse, I use a Linux-based firewall that I have tested with several services such as www.hackerwhacker.com, so I am fairly sure I am locked down.
But does the average @Home user understand any of this TCP/IP trivia that I love and comes naturally to me? Of course not! Should the average @Home user need to understand this stuff? NO!
I like spending hundreds of hours on TCP/IP trivia. I hate mowing the lawn! If my firewall breaks, it's play time. If my lawn mower breaks, I take it to the shop.
This leads me to the difficulty @Home faces: trying to balance cost and service. Their current emphasis is on keeping cost low which, as a subscriber, suits me fine. Unfortunately, this also means that they don't have the hundreds of people with Internet AND customer services skills required to help every non-technical user who incorrectly configures a proxy server. (I mean really, how many of us who really understand this stuff would want to do customer service for @Home anyway?)
When you come right down to it, proxy servers are harder to configure than they should be. For someone who just wants to connect several PCs to their cable modem, WinGate and other venders could make it much simpler than it is.
Lets hope that @Home can figure out how to solve the this dilema quickly and fairly. It is only because of the demand created by these non-technical users, those who mess up their proxy servers, that I can have a fast connection to my house.
you can run servers, only if there set up properly and not brodcasting stuff out to the rest of the subs.
you dont have to run there software, however its the only software that they support.
You are wrong on both counts @home users can use any software to post or browse and you only need the @home pluggin to access your user information. The server issue varies by agreements(AUP) with the local cable operator. And if you are a developer running HTTP server that is not open to the general public then you can run it according to most AUPs out there
When I first saw this article I knew nothing about UDP, and very little about how USENET actually worked. After reading the UDP FAQ my eyes were open. S-terminal, you really should read it, you might then begin to understand. You have no rights to other's USENET servers. None..period. If the Sysadmin for alt.barney.die.die.die doesn't like you or you domain he doesn't have to let you post messages on his system. @Home has let a small problem fester into a big one, now in order for them to clean up their act something drastic needed to be done.
"Hmm. I am to metaphor cheese as metaphor cheese is to transitive verb crackers!"
Why is there such a huge price gap in other @Home areas between the minimum service that allows servers and "residential sevice"? There's a (wrong) assumption that anyone running servers *must* be a commercial entity. Surely there's room for the non-commercial user who wants to host his own vanity domain and host his personal web page or his page for motorcycle enthusiasts. We're talking non-commercial stuff, but the price jump from residential to commercial is HUGE and there's no in-between. Will this ever change? I'm hoping that Microsoft's inclusion of limited web server software in W2K will sway high-speed ISPs to rethink their stance against servers.
if I for example hire a person to squish grapes to make wine the grape masher does not have a word of say at all in the process of making the wine.
Lets carry this analogy a bit further:
Lets say your grape smasher is going on his mary way, and he is smashing the grapes. People with baskets come and dump grapes into the mashing area, and he mashes them. One day someone comes in with a basket of shit. He throws the basket ito the mashing area, and the masher continues to do his job.
After a while the guy paying the masher suggests that he wash his feet since his customers are complaining. The masher tells him its not his feet but the baskets of shit one of his grape people are bringing in. In order to keep his customers happy the guy paying the masher tells him not to let the guy with the shit add it to the mashing area.
john
-- john
Ever notice how many big court cases these days are settled without anyone admitting wrong doing? If, for example, a hospital admitted to wrongdoing that resulted in injury or death, there would be criminal action, none of which benefits the hospital or recovers monetary damages for the plantiff. Settle without admitting wrongdoing and the hospital gets to continue operating and the plantiff gets a nice tidy sum. Everybody's happy.
1. USENET servers are operated by indivdual Sysadmins. These sysadmins "own" thier systems.
2. ISP's are given permission to use the USENET news groups provided that they follow the rules. One major rule is that "CONTROL THE SPAM". SPAM is a problem on USENET. It clogs up bandwidth and drive space with USELESS information.
3. If the ISP doesn't control it's SPAM, the Sysadmins of the USENET sites can collectively agree that this ISP is not following the rules. The sysadmins then procede with the UDP.
4. UDP - Usenet Death Penalty - Abbreviated Def. If an ISP doesn't follow USENET rules of conduct, USENET new group sysadmins will put the ISP's domain (eg. @HOME.COM) on the "do not accept messages from" list.
5. The UDP is used to pressure the ISP into cleaning up it's problems regarding USENET SPAM.
6. Typcially the UDP is a last resort, as it was in the case of @home.com. They had been contacted about the problem repeatedly, and nothing was ever done.
7. NO user has any right to any USENET server, accept for the sysadmin himself/herself.
8. Quit trolling
If I left anything out, please let me know.
"Hmm. I am to metaphor cheese as metaphor cheese is to transitive verb crackers!"
So now they're forging moderation headers to spam their message out to the Internet? Do these people have absolutly *no clue* at all?
Lets do a brief recount of the events...
1. @home creates an environment ripe for spam, which people take advantage of. Admins do nothing.
2. Usenet admins contact @home about fixing the problem, @home does nothing.
3. Usenet admins finally get sick and tired of waiting, and call for a UDP.
4. @home finally responds, by effectively spamming a meaningless PR reply.
Gee, I guess they are really apologetic eh? Their egos must be absolutely huge over there to think that they can get away with this.
I can see it now...
*The scene is a large tower, where the President of @home is sitting in a throne laughing and counting money. Someone comes in and tells him about the UDP*
Pres: Those worms dare to challenge me!? HA!! HAHAHAHAHA!
I hope the Usenet admins bash @home into the ground with this UDP until they actually admit to their problems, fix them, *AND* Apologize for forging the moderation information to get their post put up three times. Anything less is unacceptable at this point, they've crossed a line.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
While not directly related to the subject, it does relate to the general disorganization and incompetence of @Home.
:)
Several weeks ago, I ordered AT&T@Home service -- a few weeks later a field tech comes out to my home to set me up. He does a few minor things, then says we need to wait for the cabling guy to come out and re-wire my home -- when he arrives, it takes him a good 20 minutes to comprehend the wiring. Go figure. (I've since rewired it myself, removing the unwanted splitter -- I don't use cable for television, and I told him as much. So I went directly to the cablemodem, significantly reducing the high level of signal loss they were worried about.) So now me and the field tech are waiting for it to self-configure -- but within the 45 minutes we're waiting, I never get an IP lease, or whatever the problem was. The cable light on the cablemodem just keeps blinking. He says he must leave, so he statically configures my networking properties instead of using DHCP, which is fine by me. (This guy immediately demonstrates his incompetence by misconfiguring my subnet mask, but no big deal and it's easily fixable.) He informs me that after an hour, if the cable light doesn't stop blinking, to call customer support and explain the problem. An hour passes, the light is still blinking, so I call customer support and they end up arranging for a field tech to come by again. Several hours later, the cable light stops blinking -- everything is suddenly working fine. The next day, I call customer support to cancel the field tech appointment. I then ask to speak with a tech support person, because I have a few questions. During the discussion with the tech support guy, it comes to light that my account was *just* cancelled by someone. The person taking my call to cancel the appointment mistakingly cancelled my account, instead. So the tech guy creates a new account for me, and says within 72 hours my @Home service will be reastablished. In the mean time, I may lose my connectivity. 24 hours later, I lose my connectivity. 72 hours later, I still lack connectivity. I call customer support and inform them of the situation. The tech guy informs me that my account is misconfigured, and he needs to delete it so that he can create a new one. He issues a request to the database to remove the old account, and says someone will call you within 24 hours to finalize the new account. 24 hours comes and goes, but no call from @Home. I call up customer support and inform them of the situation. The tech guy now says there is an odd problem -- he says he needs to remove my old account before he can create a new one, but he's unable to remove it for some reason. He says someone will call me within 24 hours to update me on whatever the problem is. 24 hours comes and goes, but no word from @Home. I call customer support and inform them of the situation. I tell the tech support guy that apparently the last tech support guy decided he needed to create a new account from scratch, but was unable to because he was having problems removing the old one. The tech guy looks into it, and agrees the old one needs to be removed, but he can't remove it. He says he'll mail the database management team a database correction form to correct the problem, and that within 24 hours you'll get a call from @Home. 24 hours comes and goes, but no word from @Home. I call customer support and inform them of the situation -- I get a tech support guy, and then ask for the supervisor. I talk with him at length, but he's completely clueless. I ask how I might directly contact the database team, but he says he doesn't know how. I ask them how they do it, he says he doesn't know how. I wrestle with this for awhile, and he finally then confesses he has their email address, but that he can't give it out. We conclude another database correction form must be emailed to this mysterious database management team again, but I question if this will meet with anymore success than the last one. He informs me within 40 - 72 hours, you should get a call from @Home. Oh, joy!
What a nightmare. One tech support person hung up on me after going through the arduous process of waiting, explaining what the problem was multiple times to multiple people redirecting me here and there, pushing buttons in response to voice automated systems, and so forth.
Hmmm, I wonder how many people actually read through all the above.
There are many organizations which do block entire newsgroups, so as a matter of fact UDP are going on (but to entire groups). For example some universities block the alt.sex.* groups since it doesn't have anything to do with academic studies. Isn't that censoring? Maybe university admins have something against public discussions about sex?
Now with your example with the white supremacists. I do think that some admins would block their posts and even encourage others to do so. AFAIK, a private organization is not forbidden to do this. I do not have the right to post anything in my company's lunch room.
If you think its unjust, how can you even stop an UDP? Force sysadmins to carry postings? Private organizations are making decisions like this every day even if you agree with them or not.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
There is no 'modified' internet explorer required, at least not with ATT@home. To change your info here, you just need to have the proper host and domain name, and use their DNS servers. I can access my account info from a dial up on someone elses computer using IE 5.5. Please do not spread mis (dis)information in the form of 'all' this or 'all' that. Making blanket commments never works.
First I will show extreme ignorance. Then when everyone points out what a sinner I am, I will repent.
Now I can bask in the attention of the whole congregation who agree with my new found faith. I sure hope GOD is watching ;-)
"I'm hoping that Microsoft's inclusion of limited web server software in W2K will sway high-speed ISPs to rethink their stance against servers."
Well I'm hoping that Microsoft's inclusion of limited web server software in W2K will sway users to rethink their stance on Microsoft "security".
If this is at all like PWS or FPE in quality, there'll be a lot of MS users pissed of at Microsoft for exposing them to crackers. It looks like the average @Home user gets port scanned a couple times a day (and not by @Home admins). How much do you think that's going to accelerate when just about everybody has an insecure (MS) web server running?
Sorry about the AC posting, but I'm sure you can see why. This internal memo was sent out this morning. @home is taking this pretty seriously. To our Cable Partners, We are responding to the proposed Usenet Death Penalty (UDP) of the @Home network. The initial step was to craft a response outlining what procedures (both short term and long term) we are taking to ensure the spamming of Usenet originating from out network ceases to be an issue. I have attached our response here. This message was emailed to David Ritz, who proposed the UDP as well as posted to the news.admin.net-abuse hierarchy of USENET groups and to the athome.* discussion groups. Yesterday a team of representatives from Abuse, Engineering, Server Engineering, NOC, Tier 4, and Newsgroup Policy met to formulate a plan for dealing with the current situation. It was decided that we would initiate a network wide scan immediately, specifically targetting Port 119 (Network News Transfer Protocol (NNTP)). If a response from the port is received we are suspending that customers USENET posting priviledges. If the customer does try to post, he will receive a popup error message indicating the need to email a request to have USENET priviledges reinstated. We have chosen this tact due to the seriousness of the issue and the short turnaround time for a company response to the UDP scheduled to be enforced on Tuesday, January 18. Subsequently we will be communicating with our MSO Abuse contacts to reinforce policies between the @Home abuse team and the cable partners as a whole. We are interested in persuing aggressive abuse response measures and would like to solicit your imput and support to take stronger steps in protecting our network and subscribers.
You've misunderstood the entire nature of free society.
Thats the coolest way of starting a post I've seen in the last few months. And guess what, you're right.
A) First amendment applies to government, not private citizens administrating NNTP servers, or the companies the own NNTP servers.
B) Anyone can choose to carry or not carry any group or message they want to don't want to.
Whats the issue?
There is no issue - yet another confused post, more or less well-written, has been promotted to insightful (+5) because:
a) it is well presented
b) mentions Free Speech
c) mentions Civil Rights
d) tries to provide a "different" point of view
e) all of the above
How come I never get to meta-moderate any of these?
The first post is now at 5 (Offtopic).
What sort of wacked moderation is this?? "Its an offtopic post but please read this"? Its not even offtopic, its is on-topic (besides the fact that its about RR not @Home, in that case its wrong and needs to be moderated down)
And forget the fact that it was already moderated up to 3 before Signal11 corrected himself.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
Maybe.
you only need the @home pluggin to access your user information.
IOW, you do have to be using "approved" software. Or is this plugin available for Linux?
The server issue varies by agreements(AUP) with the local cable operator.
Not according to the @Home AUP
Lacking <sarcasm> tags,
Wonderful, this is where slashdot-terminal stops defending an agrument that he has lost 20 posts ago and the real stuff starts. Doesn't the whole rest of slashdot feel like this?
Another reason for @home to block incoming traffic to my machine without asking me.
As more Linux users connect via ADSL and Cable, this is liable to become a more common problem. I set up a proxy with Red Hat 5.1 on a dialup just to see if I could but I don't know whether it would be vulnerable to spammers or script kiddies.
/etc/rc.d/rc.local
As I understand it, the filtering is done with ipfwadm. I added the following lines to
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -S 192.168.1.1/24 -D 0.0.0.0/0 -W ppp0
Is this correct? If anyone sees a problem with this, please respond. Are there non-optimum aspects, etc.?
In general, I think a well targetted set of instructions would be very helpful. FAQs can become ponderous. They are certainly worthwhile but I feel this problem would be better served by a smaller, more focused document which describes exactly how to set this up to avoid these types of problems. Several posts have suggested that high speed providers have already balked at Linux because they don't trust people to set it up properly. Well, lets work out those details in a concise, clear, short format and post it someplace. If this know-how is made available, it will remove this objection that some high speed ISPs have.
Wansu, th' chinese sailor
When I had rogers@home in the vancouver bc canada area, i receieved at least 1 portscan a day from the @home admins. My solution? Set up a nazi ruleset for ipchains that denied all connections from any 24.* and log everything, so I can ban further intrusive ip's. Just for the record, my ip was static, although in the interior of bc, the shaw@home service is not.
Lars -
> Abuse the privilege, and it can be taken away...just like a driver's license
Travelling is a RIGHT, Driving is a privilege. You DON'T need a license to travel. I travel without one and without my car being registered by the government, and I have yet to be given a ticket for speeding or for driving without a license.
Here is a list of DOCUMENTED rulings.
Driver Licensing vs. the Right to Travel
Cheers
For those not in the know port 119 is NNTP, which presumably is what caused them to get UDPd in the first place. Thehe.. they won't find my 7 ipmasqed computers, of these me & my friends ipchains are sure. BTW anyone know how to defend against the TCP stack OS identification "DOS" (for lack of a better word)? To be honest, I don't even want to hear them bitching about Linux or anything else.
--
I think there is a world market for maybe five personal web logs.
Really, now: every time someone uses "Occam's Razor" as a point of analogy in a USENET or weblog discussion is themselves guilty of analogous parsimony.
I can say that, of course, for I am an Anonymous Coward.
Here's the situation. The basic service where I live is 40$ with 100$ for installation (you can sweet talk the selling people, and they'll usually give you a free install as part of some 24/7 install or another). However, past your first CM (which is 40$ per month), you have to pay 20$ for each additional IP address past the first one. People think they can get around this any old way. I know some people, and was over with them at their neighbour's christmas party. They had 3 computers, but were unwilling to pay Shaw double the price for 2 more IPs. Their solution? Install Win[Proxy|Gate] (can't remember exactly which). Windows Proxy software is pathetic in terms of security, often riddled with easy to trigger buffer overflows. Add to that the fact that most people say "allow 0.0.0.0/24" to make their LAN setup painless, and the fact that they never audit their logs. It's a recipe for disaster. And it happens because @Home charges per IP.
My solution? I have my own firewall. It automagically blocks any hosts that probe it, I've audited it, I've nmapped it, and I've even attacked with with script kiddie tools (and had script kiddies attack it from a few IPs, which have since been ipchains blocked).
What will happen? Since I run a webserver (homepage), mail server (@Home servers are spammed like nuts), DNS server (my hostname), FTP server (my files), SSH server (secure remote admin from anywhere), and occasionally host Quake games (not recently, though) and Icecast (mainly for LAN tunes), they'll probably throw the book at me. People like me are going to get hurt. People who run Winproxies are going to get a stern talking to, but they'll likely get off scott free.
Why? Because they're closer to the AUP (the never enforced AUP). All the people inside @Home I've talked to have always said that they only enforce the AUP when they see gigs/day transfers (huge warez/porn/spammers, basically). I'm just a side victim, running the illegal servers.
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Flamebait is when J. Clueless Hacker comes on and says something along the lines of:
Linux sux! Mac Rools Joo!
This post, on the other hand, made me laugh.
Don't inflict negative karma on this poor poster because of your lack of humor.
Thank you and Good night now!
a call for UUCP
(sorry)
"It's tough to be bilingual when you get hit in the head."
Oh, yeah, they really get Usenet. Right.
Boy, I can hardly remember the last time a service provider delivered such a stark self-LART.
Man, since we are on the subject of USENET, maybe slashdot should implement some sort of killfile. Some people just aren't worth listening to. I like the fact that we can filter authors of articles, but maybe it's getting to be time to expound upon the concept a bit.
Logic ... merely enables one to be wrong with authority. -- Doctor Who
It's so much cheaper than Source Adult Video!
;)
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
1. Does anyone know how a misconfigured proxy could enable spamming? Are they talking proxies like masquerading, wingate, and what not?
:/
2. Is this just news spam? or email spam as well that they are accused of?
I really ought to purchase that Orielly book.
Thanks!
Pax -- Ob
They assign static IP's here in Rochester, MN... though one time I misstypeded when I reconfigured, and it worked anyway... the only reason I caught it is because my dhs.org alias stopped working 8^) DHCP does work, of course, but in windoze you need to set your computer name to whatever whack string they assign you (like CB23472347A7577 - not as nice as the hostnames that are done by IP... that's for sure). That number is probably in the underside on my cable modem (MAC address) - I'll have to check when I get home...
"It's tough to be bilingual when you get hit in the head."
Hmmm...
:-)
From: xxxx (Dylan) 02:30
Subject: 01/13/00:02.30: Active system ATTACK!
To: xxxx (Dylan)
Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jan 13 02:16:12 xxxxxx portsentry[1627]: attackalert: SYN/Normal scan from host: ops-scan.home.net/24.0.94.130 to TCP port: 119
Jan 13 02:16:12 xxxxxx portsentry[1627]: attackalert: Host 24.0.94.130 has been blocked via dropped route using command: "/sbin/ipchains -I input -s 24.0.94.130 -j DENY -l"
Security Violations
=-=-=-=-=-=-=-=-=-=
Jan 13 02:16:12 xxxxxx portsentry[1627]: attackalert: SYN/Normal scan from host: ops-scan.home.net/24.0.94.130 to TCP port: 119
Jan 13 02:16:12 xxxxxx portsentry[1627]: attackalert: Host 24.0.94.130 has been blocked via dropped route using command: "/sbin/ipchains -I input -s 24.0.94.130 -j DENY -l"
Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Jan 13 02:16:12 xxxxx portsentry[1627]: attackalert: SYN/Normal scan from host: ops-scan.home.net/24.0.94.130 to TCP port: 119
Jan 13 02:16:12 xxxxx portsentry[1627]: attackalert: Host 24.0.94.130 has been blocked via dropped route using command: "/sbin/ipchains -I input -s 24.0.94.130 -j DENY -l"
BwuhahahahahhahahahahahahahZHahh!!!
I love IDS
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Yes, you know how to set up IP Masq correctly... but if I recall correctly, there were some free versions of WinGate (or somesuch thing) that defaulted to allowing connections from anywhere on any interface - and the free version did NOT allow you to log connections. People sniffed them out, and the fun began.
I agree with you, though, that for @Home to start taking action on this only after the UDP threat is inexcusable.
----
1. I am not an @home customer
2. I have never spammed anyone and I probably never will. I don't think bulk e-mail is very effective and considerig how many people act like they haven't taken their prozac today I guess I really shouldn't try.
3. If anyone even tries to sue me they would have wished they haden't. I can't believe that people are that dense.
4. I just want to back up the feelings that I have and that have been growing due to rampant abuses of power and the fact that a little conspiracy has essentially screwed a whole class of people over. I have had smart ass sysadmins pull things on me in the past for extremely sketchy reasons.
5. The net shouldn't cost so god damned much in the first place. Technology is advancing right? Well instead of wasting that time playing quake improve the backbone of your news servers or make it possible for anyone to run a news server. For example people have pointed out that mirrorign all of the groups would be "impossible" (yeah right) but what about one? I think that a single 40Gb hd would work quite well for just one group for at least a week or more wouldn't you agree?
6. I have yet to actually control a coputer totally that was connected to any network at all. Most of the poeple who have are in fact incompetents and don't really belong with that type of power in the first place.
7. As we have found out in the world of computing compression is our best friend. Just compress the files and then transmit them compressed simple as that.
Please don't threaten me or personally attack me again ok?
Slashdot social engineering at it's finest
I get the feeling that they're trying to migrate from the original configuration (static) to dynamic IP addressing right now. I come from a town where we've had cable modems for somewhere around 6 years (we were testing these God awful looking things with three foot long ethernet cards and zillions of lights at the time), and @Home has been hanging around here for a very, very long time. Fairly recently, all new installations (along with getting a slick new box) have been configured via DHCP. This was a royal pain when I went to help my girlfriend with a problem with her system (somebody had managed to use a trojan horse to turn her computer into every type of server known to man). The lease is pretty long if I remember correctly, but I couldn't convince the gizmo to give my laptop an IP address when I removed her computer and put mine in. Interesting. All of the hardware address stuff I'm used to them doing has do to with the address of the cable modem itself. This time, though, it looked like they were also somehow looking at the MAC address of the 3Com card that comes with the basic setup. A couple of questions, then. When I add a machine to our network, I ask for another IP address for the cable modem configuration (no proxy servers here...don't want to use the extra computer). Otherwise, I get to use my own equipment. What about the people using DHCP? Do they have to buy registered cards from @Home, or can they register their MAC addresses themselves? Anyway, they do appear to be changing their operations a bit, at least in this community. Maybe it's just new installations, but they do have the infrastructure to go to dynamic addressing here. I try to behave (unlike somebody I know with CAT 5 running from his proxy server to his neighbor's house...), I don't rape the community's bandwidth by setting up huge servers, and I love being able to telnet and FTP to my machines at home from work, so if they call me up and tell me they're going to DHCP, I'm going to find another service, which isn't too hard in the San Francisco Bay area.
Your analogy fails because it is much harder to opt-out in the TCP reset scenario.
They might. Especially if it *is* open as a relay.
You can check if it is by telnetting to mail-abuse.org; it's not foolproof, but it detects the most obvious problems.
"An intellient entity that has access to an ip address, the intellient ability to transmit http packets to a registered top level domain called slashdot.org (sebastian.slashdot.org)"
slashdot.org is not a top level domain you moron.
*sigh*
/.. He wrote the software, he runs the server, he pays for the bandwidth in and out of the box it's hosted on. Oh, and he pays for the box. (with help from the sponsors, of course). So yes, it's *just* like usenet. and *just* like Usenet, Rob Malda has *every* rihgt in the world to walk up to the console of the server /. runs on and type *shutdown -h now*. Why not? it's his box. It's his slashdot. THIS IS NOT A RIGHT!!! It is a *privilege*, and someone else is paying for it, ion time, money, and often blood sweat and tears.... so cope. Or do it yourself.)
Let's give the analogies a break and look at what's *really* happening.
A bunch of guys (and gals) somewhere who say they run Usenet (well, actually, they're *accused* of running Usenet, apparently. I'm sure they deny the existence of the Cartel...:P)
have *suggested* to the people running the news-servers that they ignore @home for a while. Most newsadmins have enough respect for the Cartel (oh, wait... there *is* no cartel...) to listen.
So there is no question of *legal*, or of *rights* or any of that. If you are unhappy with your newsadministrators choice of acceptable news, that's between you and your newsadmin. If you don't like it, complain.
No-one is *enforcing* the UDP, except individual newsadmins. They make choices every day on which news to accept - it's just that an amount of the heavy players agree that @home have been rude. And they're teaching @home manners by ignoring them. And a lot of newsadmins will agree. And, not entirely bytheway, @home have *agreed* that there is a problem.
But let's look at that word... *choice*.
Whatever feed provides your news is a feed you have chosen. Your ISP has blocked @home? choose one who doesn't. Every news admin in the Net has *chosen* (because no-ones making them) to block @home? Then
a) there's probably a good reason (all those bofh's can't be wrong:P) and
b) be your own news admin. If you can afford it. And if you can't, then tough. Free Market economy, boys and girls... it's a beautiful thing....
Bottom line is, your ISP/newsfeed is making choices about news on your behalf. If you don't like those choices, complain to *them*, or find another ISP. Or go to dejanews. Or set up your own server. There. 4 ways to avoid the UDP.
Have fun:)
(oh, and one last point? you sum it up beautifully. I'll steal just *one* of your analogies. malda (as you call him) has every right in the world to prevent you from poting to
solitaire
--
Big Cats Don't Purr....
Everybody seems to express disbelief that this will work.
If they are right, in their "assertion" that the spams are coming through open newsservers of their clients, then their measure will certainly work very very well!
However, I do doubt their assertion. But who am I to do that?
Anyway, I'd give them the benefit of doubt, and allow them to prove that they are right. Wouldn't it be nice if they were right, and their assertion would be true?
Roger.
Check out the administrative contact email address in their whois record.. abuse@home.com! Now that's funny.
root@sumppump:~/ > whois home.com
Registrant:
Home Network (HOME-DOM)
425 Broadway
Redwood City, CA 94063
US
Domain Name: HOME.COM
Administrative Contact, Technical Contact, Zone Contact:
Varsanyi, Ami (AV1662) abuse@HOME.NET
650-569-5333 (FAX) 650-482-4062
Billing Contact:
Du, Trung (TD2157) trung@CORP.HOME.NET
650-569-5437 (FAX) 650-569-5100
Record last updated on 28-Jul-1998.
Record created on 16-Dec-1993.
Database last updated on 13-Jan-2000 13:23:09 EST.
Domain servers in listed order:
NS1.HOME.NET 24.0.0.27
NS2.HOME.NET 24.2.0.27
Speak truth to power.
Next time you connect via a different network card, try waiting about 20-30 minutes. Whenever I switch which computer is connected to my cable modem, it takes about that long for their ethernet address to ip address tables to refresh.
Seems like Robotech_Master made a simple mistake of using an inappropriate analogy and you took advantage of it. I would agree with you in that there should be some limits on what businesses could do with regard to their customers. It's inherently wrong to not allow people of one sort or another in a "club" (business) such as black people in golf clubs or Denny's.
That "club" is a business because it is selling "goods" for money. Denny's sells you food for money. The country club expects dues for usage, and sometimes huge initiation fees. To discriminate against someone because of the color of their skin or other attribute which can not be controlled is morally wrong.
Now, assume the golf club was not a business at all. Assume I just happened to be rich and had a shit load of money. Assume that I invited my friends over to play in my new 18 hold golf course I had built out back. Can you bring legal action because I don't let you on my property to play golf? Of course not! I have no obligation to allow you to use my property for no fee. If I was charging my friends for their use of the course then I would be a de-facto business and other rules apply, but not in the example given.
Now, how is USENET a business? It's not. As far as I know @Home does not pay all the other ISP's for their newsfeeds. Some companies "sell" newsfeeds. If you are a customer of one of those companies you could expect that they have an obligation to provide "full" USENET communications, but this is simply not the case. It would not be this fictional companies property (intellectual property at that!) to sell to you. They could legally sell you access to their servers, but they couldn't see you a contract that says some other company will carry your messages -- unless this fictional company had a contract with other ISP's that bound them to carry the messages.
Unless you can point to some contract that exists between @Home and all of the other ISP's that says the other ISP's are bound to carry their messages for significant measurable payment then you don't have anything to back up your claims.
Yes, there are other forms of "payment" rather than money. The ISP's could have "bartered" and exchanged non-monetary "property." One possibility would be a mutual agreement to carry each others messages, the payment being quality non-spam messages. As long as either ISP did not send significant portions of SPAM then the other ISP could be legally bound to carry the messages. If an ISP was spewing forth large amounts of spam, like @Home, then in effect they would have broken the contract and the other ISP's wouldn't be bound to carry their messages.
I'm not aware of any contract where @Home pays other ISP's, either monitarily or via other compensation, for carying their USENET messages. If you have any evidence of otherwise I'm sure everyone here would be interested in hearing it.
(Do I really have to say IANAL?)
fwr - posting anonymously.
I just talked to an @home rep, Josh, about this UDP. I tried to explain. He said "If this usenet corportation has a problem with @home users, then it is there problem." He also said, "You can't expect us to be responsible for spam just because it comes from our network.
I have @home. I say the UDP is well deserved.
--- If you don't want to know the answer, don't ask the question.
I irritates the hell out of me that companies like @home ignore complaints for Months until the net community gets so upset that they have to take drastic measures. So, Mr. Dave @home, why did you wait this long before you decided to do something about the problem? Let's put it this way. How about we just continue with the UDP until you PROVE that the problem is solved. You were given enough time, and had enough reports of abuse to do something, yet did nothing.
as usual, you guys always blast @home. always. Yesterday it was that that @home wouldn't respond. -They did. Its funny how so many people, especially you USENET losers who make it your goal in life to gripe about something like that..
hello. If you don't like broadband service don't use it. If you got complaints against a company call them and let them know its serious.
The only reason @home responded was because its an ordinary company. A company that wants to be sucessful. so get your head out of your ass. If something is wrong don't always assume they are doing something intentional (what would they gain here..?) besides bad press.
The real reason you guys are complaining has nothing to do with USENET. It has to do with sitting in front of a computer and not getting laid. Your all a bunch of college computer geeks who couldn't find the hole. some of you are still in the valley unsociably pathetic...
Go outside. Make friends (not on MUD). go to clubs. then when you have a problem with SPAM or anything else from a company/person take these steps: stop. (breathe)
think. (brain is working)
write a complaint letter.
Thats how normal people do things. They confront the individual/company.
slashdot does it differently, first they attack the company. not bothering to contact them. assuming that they won't respond. (how will they if the management doesn't know, you stupid kid.) Then after the company or individual apologizes that they were not aware and tries to resolve the problem- its too late since they must be at fault. users make a excuse.. "oh they are blaming someone else". how do you know? your not the network admin.
they are fixing it. give them some respect that they had the decency to reply and respect the workings of USENET and the internet community. nuff said
Not anymore. It's all DHCP unless you get a cool installer or change it yourself. As for servers and Linux, they don't care about Linux and don't leave your servers on default ports. The hostnames done under IP ARE the CBxxxxx. The IP pools are so fucked you can use just about anything you want. The MAC and the CBxxxxx are used for the DHCP assigns.
Someone needs to introduce @Home to the "Exponential Backoff" feature of INN.
The way it works is you set a threshold for the max reasonable number of postings from one IP. After that, each posting takes n times longer than the last, where n is setable. If a user a is trying to spam it will start getting *real* slow. Normal users are not affected.
Given that Exponential Backoff has been available in INN since before 2.0 (current release is 2.2.2), there really is no excuse for being a spam injection source.
http://www.slashdot.org is a TLD just a little off. Browsers don't care if it's slashdot.org http://www.slashdot.org or http://slashdot.org.
.org .com .net are TLDs. Understand now shit-for-brains?
Decisions about UDP are made on newsgroups, not slashdot.
Traditionally, a declared UDP has been unaffected by rhetoric and is lifted only by dramatic evidence of real change.
--Parity
--Parity
'Card carrying' member of the EFF.
As for servers and Linux, they don't care about Linux and don't leave your servers on default ports.
Parse error: it doesn't make sense for them to not leave my servers on default ports..
Do you mean "Just don't leave daemons bound to the default ports, and they won't notice" ?
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
And I quote;
For example one of the terminals has a version of MSIE 5 on it could someone tell me exactly how (considering a great deal of evil scooges may have disabled it in some way) access news from there. I think that would help out a great deal right from the start.
I'm guessing you mean you haven't experienced Usenet firsthand so I'll go ahead and give you the dive-in-headfirst instructions here. It's been a while since I used OE5 for usenet (any word on kexpress, anyone?) but let's see how much I can get from memory. Here's what you need on your end to be succesful;
1)A news server address (provided by your college, or isp.) Try "news.domain.com/edu"
2)Outlook Express 4 or 5. You can use netscape news reader but you're on you're own instructionwise from me there (haven't a clue)
In OE4/5 go to tools menu ->click on accounts. Click on the news tab and see if ones in there. If not click on [new] button then "news" from the freaky popout menu. Enter your spamproofed (this is #important) email address. A fake name is nice as well. You news server address, port 119 unless your server admin is a freak. Click finish, then close, then ok (whatever order the buttons come in). In a minute (or 15 for dialup) a list of all the newsgroups your server carries will pop up, maybe with descriptions of what they do. Add in alt.troll (if you think the trolls here are bad you should see some of the guys on this one) by double clicking or highlight->subscribe. Once you pick your groups and hit [ok] they'll look like mail folders on the left of your screen. click the folder to veiw the article headers, the headers to view the articles.
Now pick a few others. Try a few binary groups, like alt.binaries.games.quake (mostly screenshots/utilities) and maybe one of the ones with "playboy" in it. Try a few of the ones with disgusting or embarrassing names to see spam in action.
Two things not to do under any circumstances. Do not put picture attachments into a discussion (non binary group) and do not post in HTML (your newsreader will pester you to turn it off IIRC). Both of these things causes your articles to be a lot larger than they need and makes the legitimate discussions expire faster...
mcrandello@my-deja.com
rschaar{at}pegasus.cc.ucf.edu if it's important.
I use Shaw@Home here in the interior of Saskatchewan, and I have a very static IP (DHCP, yes; changing after lease expires, no -- it renews fine forever).
:-)
If you're worried about portscanning, Portsentry is very good. I used its "reverse" bind capability to make it automagically ipchains any fscking portscanner into the ground (FIN/SYN, or standard connect scanner).
The @Home people, irc.home.com, and a friend doing a test FIN scan are the only ones to set it off so far (except for when I tried Win2k on the LAN, and it started probing port 445 for no reasons -- fecking MS). It's really good, and I feel better knowing it's there (and emailing me updates every 15 minutes)
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
> I hope that you, as an end-user are not penalised for @Home's poor management. Part of responsible interneting is switching ISP's when your isp is irrisponsible and unresponsive. Most geeks, not normal users, will switch ISP's when the bandwidth sucks. Unforntunatly not enough are willing to go through the hassle of switching because of spammers and open relays. If your with your ISP then your supporting your ISP, by giving them money, and therefore supporting there decision to deal with, or not deal with spam. It should be the same as a bandwidth issue. A phone call saying I'm leaving and this is why to the support manager is usually my final step. Sure @home provides cable modems and thats nice and all but there are other services, I have a crappy cable modem right now. Im leaving the service as soon as my T1's in. I got fed up, I tried dsl, after 9 weeks of them not being able to get it right, Northpoint communications sucks, I said screw it and went with reliable. As soon as bell atlantic (yeah they suck too) wires my local loop my cable modem is gonna be slammed down on the desk at my local cable modem provide with some nasty words about QOS. Sure the UDP causes the users to suffer but its the users fault for sticking with a ISP that supports spam. You dig your own grave in this situation. Switch to make a statement. Money moves and ISP. One person leaving is not enough. As a responsible geeks its everyones reasponsibility to let the isp know when there doing wrong.
well, when I look at my info on their website, and on the printed paper they gave us back in June/July, it has all of the standard static IP info, and they told me themselves that if that's what you have, then that's what you've got...
"It's tough to be bilingual when you get hit in the head."
The cable companies in Canada (most markets) have already stopped providing static IP addresses. And it appears that they have an active anti-LINUX program going on as well. Unfortunatley their DHCP configuration is VERY random (in Canada). At least you should know your FQDN with DHCP. In the case of Shaw in Victoria they don't even tell you that. Imaging trying to ftp to 24.64.45.123.bc.wave.home.com. That is what my FQDN looks like. I also don't believe that it will take much work to convert people to the above DHCP configuration. People may not like it but our protests are, for the most part, ignored. I am switching to ADSL as soon as it is available.
Well it appears that Shaw and @home is testing the above in Canada. What I see on my @home configuration and what I get from the local DHCP server are two completely different items. When I static configure my machine with the IP information it does not work because someone else has been configured with my settings via the DHCP server! I think it is time to review ADSL... And they do have an anti-LINUX policy in Canada. Expect it in the U.S. soon.
Also, the BI would be too small to consider cancelation, and Dave the Ressurector would repost it anyway.
---
Another non-functioning site was "uncertainty.microsoft.com." The purpose of that site was not known. -- MSNBC 10-26-1999 on MS crack
--
# Canmephians for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.net";
1. You can crosspost in news.admin.*, no problem. You just can't crosspost to news.admin.net-abuse.policy.
2. The approval header was probably set by accident, as the user does generally post to @home groups with that header.
3. The third posting was actually by David Ritz, and I did approve it.
- Tim Skirvin (tskirvin@killfile.org)
I'm not sure whom to believe in this UDP mess. I've been an @Home customer for 2+ years and generally I've been happy with the service. Unlike many of you, I actually run an AIX server off my cable modem with Netscape's proxy software tunneled up to the nearest @Home proxy server on port 8080. This works wonderfully and noone at @Home has complained about this, nor will they in my opinion. In fact, the people at @Home know fully well what I run. A year ago, I got an unsolicited phone call from @Home tech support about my service. I had been suffering from some crappy packet loss for a few weeks but I had been traveling so much, I hadn't had a chance to do anything about it. They called *me* about it because they noticed it. Why did they notice little ol' me? Apparently since I run a Un*x machine, it's always up and they occasionally use my machine to run tests from California to Nashville. If I'm down or having other problems, they can't run their tests. :-) As for my configuration, I've been reasonably careful on my setup. I run a mail server which I monitor for illegal usage (it's passworded anyway) and the aformentioned web proxy server. I considered running a news server of my own but I didn't want to deal with the bandwidth that would be continuosly dumped on me just for the few boards I read. Still, I'm concerned about the general mischief going on out there so at my earlist convenience, I'm putting up a real firewall here. Time to stop f*cking around. Yeah, I wouldn't be surprised if there are lots of users running NNTP servers out there. Also remember that part of @Home is their @Work service, where companies get cable modem access. I suspect that many of them are running their own servers and here is likely the bulk of the misconfigured servers out there, assuming @Home is correct.
I'm an @Home subscriber who was configured with DHCP. My IP address has not changed in the 2+ years of service, but I suspect it might someday. Their DHCP service seems to trigger off the hostname, not MAC address. I was able to change boxes with different ethernet cards without difficulty, except I was required to provide the same hostname (using dhcpcd with Linux I had to use the hostname cmdline parameter because dhcpcd wouldn't otherwise aquire an IP address).
Sorry. My bad. Not enough sleep, way too much work.
Speaking only for the AT&T @HOME service: Although DHCP is used to make it easy to configure your network connection, the IP address itself is fixed. DHCP is not required, and Linux is one of the operating systems that is listed as supported.
My own configuration is that my lan is hidden behind a firewall (a *MUST HAVE* for any LAN with a full time Internet connection!!) with NAT capability (GNAT Box. http://www.gnatbox.com if you're interested. The free version allows up to five hosts on the protected network to access the Internet simultaneously.) The side benefit to this is that I only needed a single IP address to give Internet access to all four machines on my LAN.
I have my firewall configured to NOT use DHCP to configure the external address, which makes my network a little safer from "man in the middle" attacks. Not only is configuring the address statically expressly permitted, but it was actively encouraged by the tech who installed my cable modem.
Also, I am using my own network card to communicate with the cable modem. Again, AT&T @HOME took this in stride without even blinking.
Finally, I am using an unmodified Netscape 4.7 (downloaded directly from Netscape, not the version that AT&T @HOME gives you on their CD). I don't have any problem accessing either my account settings or the exclusive content that AT&T @HOME provides (FWIW).
From what I've seen, since AT&T bought TCI, things have been getting better and better in our area. Of course, if your @HOME service isn't provided by AT&T then YMMV.
Why can't @Home just block all external traffic from the Internet travelling to the @Home user's port 1080s? Would that not solve 95% of the problems, or am I missing something?
We have found that the primary source of our excessive USENET posting history comes from subscribers who have installed proxy software incorrectly
(I am an @Home subscriber)
Every USENET post coming from a home.com user has it's originating IP automatically placed in the headers. The IP numbers are placed there because according to @Home they help to address complaints. Surely these IP addresses could be used to shut down a spammer?
Look into the binaries groups. There are guys from home.com flooding the binaries groups with huge files. I've seen them put a file up that is broken into 1400- 1000 line segements.
Any user can setup a copy of auto-posting software like "News Poster Pro" with little effort. (http://newsposterpro.com)
You don't need to comprimise a misconfigured proxy to spam a newsgroup. You just need the software to do it.
@Home just needs to start paying attention. It would not be hard to shut down spammers with a little effort.
Of all the @Home users I know and have met online, very few have home networks. The normal @Home network customer doesn't have the resources to buy more than one computer or the basic skills to build a home network.
I recently sent @Home email telling them I wanted to set up a DTK box on my network. (http://all.net/dtk/dtk.html) I told them I was doing this solely for experimental purposes. I didn't get a response until about 3 weeks later, and all they wanted to tell me was that they had recieved my mail and that I should call them to discuss my problem further!
As far as the UDP goes, I say let 'er rip. I'd hate to lose the ability to post to the ng's I frequent. However, @Home's response to the UDP announcement isn't much different than that of a spoiled brat who needs a spanking.
Spank em!
These guys dont even deserve to keep their feed! Nope, plug the plug on them (or flip the swithch and make them extra crispy! ;)
Sometimes @Home is the only game in town though or the other services are even worse, unless you want to switch back to dial-up (not gonna happen). T1 is still way too expensive in most areas and most people are not going to pay $1000+/month for a T1 to their house. That's just insane and not even worth it.
I am an @Home subscriber in the Northern VA area, and although we are initially setup with DHCP the leases are permanent. They do this because they "reserve the right" to change the ip, but as long as you aren't having any problems it should be the same ip. It doesn't matter if you change systems/NIC's. I don't even setup DHCP on my systems, but rather just use the IP that was assigned to me no matter which system is attached. You may want to try this, as I believe it will probably solve your problems.
The problem about which they are being proactive is not spam, which they're quite clearly totally happy about*, but the forthcoming UDP. The UDP effectively puts them out of business, since they exist to connect people to the internet, and if there is an active UDP against them their users are going to leave in droves. Since the UDP is a future problem, anything they do to block spam is acting proactively against the UDP and fundamentally against a drain on their own wallet sizes. Spam is not their problem. The UDP is.
And just because they know about it doesn't mean they no longer qualify for the term "proactive". There's no point being proactive about stuff you know isn't going to happen, which is why e.g I don't scan my Linux box for Losedows viruses, but you can be proactive about stuff you know might, will or will eventually happen.
* Dumping 166MB of spam onto Usenet daily and ignoring complaints is, I'd say, a clear indication that they positively promote spam, rather than try to stem like the rest of us do.
Thanks for correcting me, Tim. I didn't actually look at the headers on the third one.
-Todd
---
"The details of my life are quite inconsequential..."
>So then give me an example of a news server which did or does not follow the UDP? Can you even think of or list one?
Yes I can. Don't forget no one is forcing this on anyone.
From: http://www.cnn.com/2000/TECH/computing/01/13/atho
"Pathlink doesn't plan to enforce the UDP."
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
That is only coincidentally pronounced "tossers", by the way ;-)
Most TOS's I've seen have a clause that says they don't guarantee uptime, so if athome have the same clause they could simply fix the problem by pulling the proverbial plug out of the socket. This would presumably result in the UDP being lifted too as the spam would drop to zero.
Of course they want to provide a continuous service to their users so they probably won't go this route, but the point is - if they don't guarantee uptime they don't need 30 days notice to solve the problem.
If they can't do a scan w/o 30 days notice, and they need to do a scan to fix the spam, then they've got a (30 day downtime) problem. Most users I think though wouldn't quibble about a scan done in lieu of a scan being done anyway plus 30 days downtime. It's not as if they have a choice about the scan.
Welcome to the land of IP redirect :) @home is easily fooled if you are careful and have a physical firewall...I run dedicated servers and several machines, and the company is on 60 day DHCP lease..it causes minor confusion every 60 days but it WORKS :
I think you need to give the USENET mob more credit than you do. The UDP has never been used to censor content. You have not presented one shred of evidence suggesting that the UDP will ever be misused to censor content. Indeed, the history of the UDP suggests that it has always, and will always, be invoked only against problems concerning volume of posts (spam), and not problems concerning content of posts (censorship).
The people running the show behind the UDP are well aware of the difference between spam-filtering and censorship. They certainly know more about the difference than you do. Spam-fighters reject posts based on volume, while censors reject posts based on content.
I can definitely see individual news server admins performing content-based censorship (the admins here at Harvard are first-rate at that), but I find it inconceivable that a content-based UDP would ever find net-wide support.
Berkeley, South Dakota?
Actually that is not so, the eula in the contract which I signed with Cox@Home in Hampton, VA stated nothing about running servers/services being a breach of contract. It stated that if you run such things, (including a linux box and it's services), that "you" the user, are responsible for those who have access, internally or externally. I can't say that "Most" @Home systems use static IP addresses since everyone here has static, including my 3 static IP's on one cable modem and 2 static IP's on another. You also do not Have to use their "Modified" version of Internet Explorer. In my area, which I can only attest for, if you set your sh*t up right, you can goto http://www/ and view @Home's crap if you really want to with any browser on any OS, to include Netscape on Linux. I don't see why everyone thinks that @Home dicks over their customers. I'm quite happy pulling 600KB/s downloads at anytime I want to. And to that, I am finished venting.
> That aside, what is a privilege is the convenience that a particular ISP provides. Abuse that privilege by using the ISP's services in an inappropriate manner, and it can be revoked. Of course, you can always get another ISP, or resort to the methods above. That's how spammers keep at it. They've been kicked off so many ISPs, so they find other ways to get on...and they keep succeeding.
Once again, another good post which I agree with.
I guess the only solution is to have the ISPs not forward spam, since as you mention, everyone has a "right" to the internet.
Seems like SPAM is going to be around for a while, since no laws are being broken by the bastards, er, spammers.
Cheers