[OT somewhat] DDOS attacks, where to report?

[OT somewhat] DDOS attacks, where to report?

E.S. Rosenberg esr+linux-il at g.jct.ac.il
Sat Jan 26 21:32:34 IST 2013


The customer/the ISP can purchase specialized firewalls to defend against
DOS/DDOS attacks.

The subject of the attack can try to approach the local police and in some
cases they will work on taking down the botnet, see for instance Dutch
police, FBI and other European forces spending time on these cases.

But unless your friend shows that he is taking serious steps to prevent
this type of thing in the future no ISP has to allow him onto their
network, there are ISPs that specialize in hosting sites that are prone to
being attacked but the price is obviously accordingly.

Regards,
Eliyahu - אליהו


2013/1/26 Jonathan Ben Avraham <yba at tkos.co.il>

> Hi Shimi,
> You are suggesting that there is no recourse to DDOS attacks, that
> Israelis are fair game for foreign attacks and it is no one's business
> except for the victim.
>
> The ISP does need to "suffer" in this case, in that the ISP has allowed an
> act of war to be committed through his service. I see little difference
> between this and the cab drivers who transport illegal workers from the
> Palestinian territories to jobs in Israel. We require the drivers to take
> some responsibility for whom they transport.
>
> I am suggesting that ISP's be charged with some level responsibility for
> investigating and reporting these attacks. That's in the national interest.
> I suspect that in the cases of large institutions, even non-governmental
> institutions such as banks, that  there is in fact some national response,
> but that this protection is not currently extended to smaller players. If a
> rocket hit's your home you get some protection at the national level. If a
> DDOS attack from a hostile government attacks your business, it's not in
> the national interest to provide some level of protection?
>
>  - yba
>
>
> On Sat, 26 Jan 2013, shimi wrote:
>
>  Date: Sat, 26 Jan 2013 20:20:30 +0200
>> From: shimi <linux-il at shimi.net>
>> To: Jonathan Ben Avraham <yba at tkos.co.il>
>> Cc: ILUG <linux-il at cs.huji.ac.il>
>> Subject: Re: [OT somewhat] DDOS attacks, where to report?
>>
>>
>>
>> On Sat, Jan 26, 2013 at 7:55 PM, Jonathan Ben Avraham <yba at tkos.co.il>
>> wrote:
>>       Dear Linux-IL colleagues,
>>       An associate of mine who runs a hosting service has been the victim
>> of persistent DDOS attack, apparently from botnets that are mainly located
>> on other countries.
>>
>>       His Israeli service providers have responded to these attacks by
>> cutting off his service.
>>
>>       Is there someone in ISOC-IL
>>
>>
>> Don't know (even if they would, what power do they have? besides being
>> the .il domain registration expensive monopoly....)
>>
>>       or the police who will take a complaint seriously?
>>
>>
>> They most probably won't. Not to mention that even if they would, you
>> can't police foreign countries. You need Interpol. Do you think that's
>> gonna happen?
>>
>>       I suggested that he file a complaint with the police, then with the
>> copy of the complaint in-hand ask his attorney to call the service
>> providers to demand restoration of service.
>>
>>
>> Did he read his contract? Did he notice "if the customer becomes a
>> detriment to the network..." clause?
>>
>> Does his ISP need to suffer because of his business? Bandwidth cost their
>> money. Denial of service can cause issues to other customers, and ISP might
>> be hurt financially via lawsuits from said customers. Will he compensate
>> ISP for that?
>>
>> What needs to be the threshold? Does the ISP needs to continue giving him
>> service if the whole ISP gets down for 4 hours, like happened last Tuesday
>> to 012?
>>
>> -- Shimi
>>
>>
>>
> --
>  EE 77 7F 30 4A 64 2E C5  83 5F E7 49 A6 82 29 BA    ~. .~   Tk Open
> Systems
> =}----------------------------**--------------------ooO--U--**
> Ooo------------{=
>      - yba at tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20130126/b1589577/attachment.html>


More information about the Linux-il mailing list