From: Steve Birnbaum (no email)
Date: Tue Feb 10 2004 - 04:47:01 EST
> Your staff will still get a ton of complaints. If these can
> be parsed by a script that looks for virus / trojan strings in the
> complaint,extracts the IP (or has your NOC dude just click the IP in his
> ticketing system, like in RT + IRTT) and the account just goes away - then
So you want a major ISP to simply automatically disable accounts of its
users based only on automated detection of an IP address and timestamp in
something that APPEARS to be a complaint to an automated script?
Do you want to start a pool to see how long it will take before the
dictionary complaints start rolling in once such a system becomes publicly
There is a reason why there are humans (overworked, unfortunately) handling
abuse complaints. Make it easy, sure...but make it easy for the human to be
able to properly inspect the complaint to see if it's legitimate BEFORE
But to the original issue of accountability. If an ISP can't write a simple
tool to take an IP address & timestamp and spit out a username from radius
logs, how do you expect them to implement a hash-based rdns tagging system?
---- Steve Birnbaum SkyVision Global Networks Phone: +44 20 83871750 Email: Note that it is never the fall that kills, it's the landing.