Slashdot Mirror

← Back to Stories (view on slashdot.org)

Naming and Shaming "Bad" ISPs

Posted by Soulskill on from the gettin'-called-out dept.

An anonymous reader writes "Brian Krebs takes a provocative look at ISP reputations, collecting data from 10 different sources that track 'badness' from a multitude of angles, from phishing to malware to botnet command and control centers. Some of the lists show very interesting and useful results; the ISPs that are most common among the various reputation services are some of the largest ISPs and hosting providers, including ThePlanet and Softlayer. The story has generated quite a bit of discussion in the security community as to whether these various efforts are measuring the wrong things, or if it is indeed valid and useful to keep public attention focused on the bigger providers, since these are generally US-based and have the largest abuse problems in terms of overall numbers."

2 of 79 comments (clear)

  1. Re:New Jersey by agoliveira · · Score: 5, Insightful

    Please. If you are a big company you need to be prepared to deal with larger portions of the same: good tools, good (and bigger) staff, a specialized security/response team. It's like any other company, One can't expect to run a large company with the same resources used in a small one.

    --
    Scientia est Potentia
  2. Re:Laughable by Antique+Geekmeister · · Score: 5, Insightful

    Because it does make your network less safe. Having the script kiddies, the spammers, and the harvesters active on your subnet exposes you much more directly to their abuses, and to the likelihood that your logs will be cluttered with the attacks from their servers. It also gets _you_ added to email blacklists and routing table blackholes, because your customers may be tired of the abuse from your network and find it far simply to simply block you.

    The expense of a more reliable and secure server is an issue. But there's nothing like the self-righteous DDOS attacks that have occurred against networks that serve abusers to clutter the traffic of even innocent clients: it imperils the service for legitimate, paying customers. Cases like "agis.net", who hosted the Cyberpromo spammers before a DDOS against them finally got them to take action, make a fascinating study in the risks of hosting abusers. Conversely, xinnet.com in China is happy to host spammers: with the size of their service and the limited choices available to consumers in China, they're effectively immune from prosecution or attack.