[anti-abuse-wg] Definition of Abuse - preamble
- Previous message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
- Next message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Thu Aug 25 14:38:20 CEST 2016
Hello Gunther, Okay, I have read through your reply and it seems you do not understand that a single resource is not a network. Internet Abuse - Needs two resources - otherwise it is not a network and by default - not Internet Abuse. If you are on my server: unauthorized - is abuse authorized - is not abuse If you use my server to do something to another resource... Get it yet? Hope this helps you Kind Regards Andre On Thu, 25 Aug 2016 14:17:01 +0200 Gunther Nitzsche <gnitzsche at netcologne.de> wrote: > On 08/24/2016 12:21 PM, ox wrote: > > yes at least 2 different resources always has to be involved for it > > to be Internet Abuse > > Thanks for pointing this out, but I don't get it .. why do you want ro > restrict the > definition in this way? There might be the case that next year someone > brings > up a topic of abuse not covered by this restriction and people > involved start > to argue. I prefer to be as general as possible when defining such a > word. > > ... > > if you use the same resource it is not Internet Abuse - as in your > > own example using someone's CPU to mine bitcoin and doing so on the > > CPU directly, is not Internet Abuse (it is very abusive, though!) > > Of course it is - I remotely (via the internet) control your server, > doing abusive things. If someone would complain > at abuse@ about such an incident I would expect the source provider to > act accordingly. > The remote control can be a security breach, but that is not the > point. > > > > if you have broken in/compromised security etc - it is Internet > > abuse, in terms of the current definition In the example of > > directly using my email server to send spam it falls within the > > definition of Internet abuse as defined above :) > > I do not see the second resource involved in this case. > > So therefore I would like to change the sentence to: > > "The infringement of usage rights by the non sanctioned use of > resources" > > along with your additional definitions.. (This includes >=1 > resources..) > > (Someone might correct my english) > > (instead of: > "The non sanctioned use of a resource to infringe upon the usage > rights of another resource" > ") > > > > and btw .. I would also like to see Ronald's valid questions > answered. > > If there are no actions, sanctions whatsoever following the > definition of abuse and the ongoing discussions here than this Group > has officially turned > into a Debate Club of old nerds (including me:), beeing probably kind > of ... how do I say...inefficient? (at least as a RIPE working > group) > > > ...But.. On the other hand: https://www.ripe.net/support/abuse : > > "The RIPE community has an Anti-Abuse Working Group > <https://www.ripe.net/ripe/groups/wg/anti-abuse> that discusses topics > relating to > Internet abuse and ways to prevent it. If you are interested in abuse > topics, you may > want to join the Anti-Abuse Working Group Mailing List > <http://www.ripe.net/mailman/listinfo/anti-abuse-wg/>." > > > and: > https://www.ripe.net/participate/ripe/wg/anti-abuse : > (as Brian said in 2013: > "The main text of that page is the WG Charter. It may be useful to be > more explicit on this, but that is the charter. " > > "...The working group considers both technical and non-technical > aspects of abuse, with the following goals: > > * Produce and continue to update a BCP (Best Common Practice) > document for ISPs similar in nature to RIPE-409 > <https://www.ripe.net/publications/docs/ripe-409> but covering a > wider range of possible abusive behaviours. > > * Provide advice (beyond that of the BCP) to relevant parties within > the RIPE region such as ISPs, governments and law enforcement > agencies on strategic and operational matters. > > * Discuss and disseminate information on technical and non-technical > methods of preventing or reducing network abuse." > > > That could mean we should just focus on the configuration of > spamassassin and force the use > of dmarc and x-arf and talk about "to block or not to block a failed > DKIM E-Mail" like other > anti-abuse groups do instead of e.g. trying to force RIPE NCC to > terminate LIR contracts > based on abusive behaviour. (no irony) > > So instead of searching a definition of abuse (which will be really > helpful I believe) we also > could start to (re-)define the goals of this group. If there would be > consensus that it is not the task > of this group to discuss also anti-abuse behaviour of RIPE/RIPE NCC or > how to treat LIRs, then we > can happily focus on other things. (In that case: sorry Ronald..) But > that would not be my opinion.. > > > > >Andre > > (searching for cover:) > best greetings, > Gunther > > NetCologne Systemadministration >
- Previous message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
- Next message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]