S/hackers/script kidiots/g<br><br>On Sunday, December 9, 2012, Cal Leeming [Simplicity Media Ltd] <<a href="mailto:cal.leeming@simplicitymedialtd.co.uk">cal.leeming@simplicitymedialtd.co.uk</a>> wrote:<br>> Sounds like I might have slightly misinterpreted your initial email and jumped too fast to a conclusion, so my apologies for this!<br>
> I agree that it's rare to have a discussion about such topics without things getting hot, and hearing someone else's thoughts on the subject has been quite interesting.<br>> Cal<br>><br>> On Sun, Dec 9, 2012 at 6:49 AM, Brian Foster <<a href="mailto:bdfoster@endigotech.com">bdfoster@endigotech.com</a>> wrote:<br>
><br>> I appreciate your comments and concerns, and I respect the fact that we can talk about this stuff without things getting ugly. My comments are below.<br>> -BDF<br>><br>><br>> On Sat, Dec 8, 2012 at 11:46 PM, Cal Leeming [Simplicity Media Ltd] <<a href="mailto:cal.leeming@simplicitymedialtd.co.uk">cal.leeming@simplicitymedialtd.co.uk</a>> wrote:<br>
><br>> Thank you for the detailed response.<br>><br>> On Sun, Dec 9, 2012 at 1:29 AM, Brian Foster <<a href="mailto:bdfoster@endigotech.com">bdfoster@endigotech.com</a>> wrote:<br>><br>> The 'bad apple' in which I was referring to was using the same IP as a client of ours. He was trying to DOS the honeypot from an IP I posted on the mailing list when doing some testing for someone. I have no idea if he read the post on the mailing list or not. It's not really of my concern.<br>
><br>> You know what happens when someone attacks one of our clients? <br>> We track them down, introduce them to the CTO/CEO of the company they attacked, and give them an opportunity to prove themselves. I have been involved in this process on several occasions now where the outcome has been extremely positive. I'm not saying this works all the time, but sometimes people don't need punishment, they need guidance.<br>
><br>> This is not really a practice of ours because there are so many people out there that contribute to the problem. It's too time consuming to educate those people. I really wish I could do that, but it's just not feasible. We do not actively pursue these abusive IP's nor do we DDOS them or fight back in any other way other than fighting back some of the noise through blocking those activities on machines we support.<br>
> <br>><br>> If you got on the wiki and searched for fail2ban, you would be setting up your server to jail the same IP's we are under the same circumstances. The only difference is we log who gets caught by fail2ban and distribute the list internally. <br>
><br>> We do not release this information per company policy. We also do not gather this information from other sources. We only use the information we gather through the processes we put in to place.<br>> My comment on the 180K IP's was mostly sarcastic, however. It probably wasn't appropriate and I do apologize for that. <br>
> I'm not exactly up to date on the legalities of releasing that type of information so we rather not release it. It's nothing against the freeswitch community or the open source community. We just don't like getting in trouble.<br>
> If we did spend the resources into making sure everything was legal on the information regarding the 180K IP's, we would certainly release these free of charge. It's not something I would be interested in making money from.<br>
><br>> The concept is no different to email blacklist databases (e.g. XBL), and there would be no legalities stopping you from releasing this information into the public domain - only internal red tape and policies. I can say this with at least some authority on the subject (although I'm by no means an expert).<br>
><br>> I'm open to this idea, but I would have to consult attorneys to do this. We operate very cautiously as in we do not operate in grey areas. If this is a potential grey area we will certainly take the extra precautions in order to prevent legal issues. <br>
> This isn't some big company that has endless amounts of resources. We're a small business, just like those we support. We also have to consider how this effects our clients as well, and we