| Rich Kulawiec on 30 Aug 2018 06:20:49 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Linux tip: Log IP addresses, not hostnames, for use by fail2ban... |
On Wed, Aug 29, 2018 at 02:47:50PM -0400, Charlie Li wrote: > In a recent (as in earlier this month) talk this guy gave that George > and myself had the *privilege* of absorbing, he states that this pattern > of poor, incompetent operations stands to show that what the public (get > made to) think are vulnerabilities, are actually business models! Precisely so. In the same way that it's highly cost-effective to run a pollution-producing business and dump the resulting effluent into the nearest stream without any treatment (provided of course nobody stops them), it's highly cost-effective to run an Internet operation that produces attacks and abuse, and dump those (and their resulting costs and consequences) onto everyone else without making the slightest attempt to mitigate them. Everyone has their issues from time to time. Sporadic and isolated events happen even on the most diligently run networks. But chronic and systemic problems are the hallmark of poorly managed operations, and when those persist for years on a widespread basis, it becomes abundantly clear that this situation isn't an accident: it's deliberate behavior calculated to maximize profits by shifting the costs of doing (competent, professional, responsible) business onto everyone else. I pay for this. You pay for this. We all pay for this, with time and money and aggravation and complexity. Which is one reason why I recommend that everyone cease to provide them with the means to do it. Because filing abuse reports won't work. Asking nicely won't work. Appealing to professionalism won't work. (We know these things won't work because we've tried them. Thousands of times over many years.) You know what works? Firewalling. Blacklisting. Null-routing. Those are the only things that have ever worked and in all probability, they're the only things that are ever going to work. ---rsk ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug