This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Definition of Abuse - preamble
- Previous message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
- Next message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Thu Aug 25 14:38:20 CEST 2016
Hello Gunther, Okay, I have read through your reply and it seems you do not understand that a single resource is not a network. Internet Abuse - Needs two resources - otherwise it is not a network and by default - not Internet Abuse. If you are on my server: unauthorized - is abuse authorized - is not abuse If you use my server to do something to another resource... Get it yet? Hope this helps you Kind Regards Andre On Thu, 25 Aug 2016 14:17:01 +0200 Gunther Nitzsche <gnitzsche at netcologne.de> wrote: > On 08/24/2016 12:21 PM, ox wrote: > > yes at least 2 different resources always has to be involved for it > > to be Internet Abuse > > Thanks for pointing this out, but I don't get it .. why do you want ro > restrict the > definition in this way? There might be the case that next year someone > brings > up a topic of abuse not covered by this restriction and people > involved start > to argue. I prefer to be as general as possible when defining such a > word. > > ... > > if you use the same resource it is not Internet Abuse - as in your > > own example using someone's CPU to mine bitcoin and doing so on the > > CPU directly, is not Internet Abuse (it is very abusive, though!) > > Of course it is - I remotely (via the internet) control your server, > doing abusive things. If someone would complain > at abuse@ about such an incident I would expect the source provider to > act accordingly. > The remote control can be a security breach, but that is not the > point. > > > > if you have broken in/compromised security etc - it is Internet > > abuse, in terms of the current definition In the example of > > directly using my email server to send spam it falls within the > > definition of Internet abuse as defined above :) > > I do not see the second resource involved in this case. > > So therefore I would like to change the sentence to: > > "The infringement of usage rights by the non sanctioned use of > resources" > > along with your additional definitions.. (This includes >=1 > resources..) > > (Someone might correct my english) > > (instead of: > "The non sanctioned use of a resource to infringe upon the usage > rights of another resource" > ") > > > > and btw .. I would also like to see Ronald's valid questions > answered. > > If there are no actions, sanctions whatsoever following the > definition of abuse and the ongoing discussions here than this Group > has officially turned > into a Debate Club of old nerds (including me:), beeing probably kind > of ... how do I say...inefficient? (at least as a RIPE working > group) > > > ...But.. On the other hand: https://www.ripe.net/support/abuse : > > "The RIPE community has an Anti-Abuse Working Group > <https://www.ripe.net/ripe/groups/wg/anti-abuse> that discusses topics > relating to > Internet abuse and ways to prevent it. If you are interested in abuse > topics, you may > want to join the Anti-Abuse Working Group Mailing List > <http://www.ripe.net/mailman/listinfo/anti-abuse-wg/>." > > > and: > https://www.ripe.net/participate/ripe/wg/anti-abuse : > (as Brian said in 2013: > "The main text of that page is the WG Charter. It may be useful to be > more explicit on this, but that is the charter. " > > "...The working group considers both technical and non-technical > aspects of abuse, with the following goals: > > * Produce and continue to update a BCP (Best Common Practice) > document for ISPs similar in nature to RIPE-409 > <https://www.ripe.net/publications/docs/ripe-409> but covering a > wider range of possible abusive behaviours. > > * Provide advice (beyond that of the BCP) to relevant parties within > the RIPE region such as ISPs, governments and law enforcement > agencies on strategic and operational matters. > > * Discuss and disseminate information on technical and non-technical > methods of preventing or reducing network abuse." > > > That could mean we should just focus on the configuration of > spamassassin and force the use > of dmarc and x-arf and talk about "to block or not to block a failed > DKIM E-Mail" like other > anti-abuse groups do instead of e.g. trying to force RIPE NCC to > terminate LIR contracts > based on abusive behaviour. (no irony) > > So instead of searching a definition of abuse (which will be really > helpful I believe) we also > could start to (re-)define the goals of this group. If there would be > consensus that it is not the task > of this group to discuss also anti-abuse behaviour of RIPE/RIPE NCC or > how to treat LIRs, then we > can happily focus on other things. (In that case: sorry Ronald..) But > that would not be my opinion.. > > > > >Andre > > (searching for cover:) > best greetings, > Gunther > > NetCologne Systemadministration >
- Previous message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
- Next message (by thread): [anti-abuse-wg] Definition of Abuse - preamble
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]