IIALP - Abuse Logging Protocol

George Davey sent us a press release about abuselog.org, a site for the development of a generalized protocol for logging internet annoyances and abuses to a set of central servers, which could then be queried to find out which IPs are luserish.

I hope

[jb.hl.com]

There's some form of verification.

In and of itself, this could be very easily abused by, say, people with a grudge who want to essentially get someone else an internet death penalty.

Fatal flaw in environmental assumption

[bourne]

Having just skimmed the draft, there's a fatal flaw with this solution. To quote:

The idea is that no one person can make a big impact to the Root IIALP Servers but a million people all annoyed by the same SPAM can make a huge impact.

However, they don't seem to address the idea that one person controlling a million drones that send spam today... can control a million drones that submit IIALP reports about, say, cnn.com tomorrow, resulting in an DOS from all the sites that block based on the IIALP lists. They rely upon the reports of end-users, but do not take into account the fact that massive volumes of "end-user" machines are compromised and usable as drones for whatever nefarious uses their 0wner wants.

In short, their anti-spoof assumes individual malicious user endpoint hosts. If the malicious users on the Internet were limited to individual endpoint hosts, we wouldn't need solutions like IIALP!