Naming and Shaming "Bad" ISPs
An anonymous reader writes "Brian Krebs takes a provocative look at ISP reputations, collecting data from 10 different sources that track 'badness' from a multitude of angles, from phishing to malware to botnet command and control centers. Some of the lists show very interesting and useful results; the ISPs that are most common among the various reputation services are some of the largest ISPs and hosting providers, including ThePlanet and Softlayer. The story has generated quite a bit of discussion in the security community as to whether these various efforts are measuring the wrong things, or if it is indeed valid and useful to keep public attention focused on the bigger providers, since these are generally US-based and have the largest abuse problems in terms of overall numbers."
It is a shame that ThePlanet is doing so badly. I've used them before for dedicated hosting and was very happy with the service I received. I will say that they are very "hands off" (which is generally good, but bad in this case). I think one has to remember that this is a chart of which ISPs are most responsive and active in stopping abuse originating from their network and not some kind of general review of the service they offer.
That being said I think all the ISPs listed should be unhappy about appearing on these lists and should actively be trying to fix their reputation or risk getting blacklisted.
You take the good. You take the bad. You take them both, and there you have Net Neutrality.
Net Neutrality. When the world never seems to be living up to your dreams, and suddenly you're finding out Net Neutrality isn't all about you.
Some of the ISPs in the list are huge hosting companies, namely ThePlanet, Layered Tech, Leaseweb, OVH. You have no idea how big they are unless you've visited one of their data centers. They host millions of servers. How would they check it all? For that matter, who wants their data center staff snooping around in your server?
Being one of the largest hosting companies in the planet obviously brings in bad guys too.
Please. If you are a big company you need to be prepared to deal with larger portions of the same: good tools, good (and bigger) staff, a specialized security/response team. It's like any other company. One can't expect to run a large company with the same resources used in a small one.
Scientia est Potentia
Because it does make your network less safe. Having the script kiddies, the spammers, and the harvesters active on your subnet exposes you much more directly to their abuses, and to the likelihood that your logs will be cluttered with the attacks from their servers. It also gets _you_ added to email blacklists and routing table blackholes, because your customers may be tired of the abuse from your network and find it far simpler to simply block you.
The expense of a more reliable and secure server is an issue. But there's nothing like the self-righteous DDOS attacks that have occurred against networks that serve abusers to clutter the traffic of even innocent clients: it imperils the service for legitimate, paying customers. Cases like "agis.net", who hosted the Cyberpromo spammers before a DDOS against them finally got them to take action, make a fascinating study in the risks of hosting abusers. Conversely, xinnet.com in China is happy to host spammers: with the size of their service and the limited choices available to consumers in China, they're effectively immune from prosecution or attack.