cursed pirated DCC software

Vernon Schryver vjs@calcite.rhyolite.com
Thu Jun 30 01:32:17 UTC 2005


> From: Bob Johannessen 


> Could you maybe Cc reports here, or at least post blacklist deltas
> a week or two before they go into effect? That way we (the DCC users)
> will have a chanse to sort things out with our ISPs before we're cut
> off...

That sounds reasonable.  It would require adding another step
consisting of "fix it or you'll be added to the published
pending blacklisting list."

Something related might be a good idea for the current DCC client
blacklist entries.


] From: Paul Vixie 

] because this just escalates to fingerpointing, the end result will be
] a black eye for DCC, and a number of potential users going elsewhere,
] and irresponsible ISP's, as has ever been the case, getting away free.
]
] i think you might want to do something more insideous than blacklisting,
] which is ignore all checksums you're sent from these address blocks,
] and always respond with MANY when asked a question from these address
] blocks.

I appreciate the trick of marking all mail from customers of misbehaving
ISPs as if it were spam on the DCC server-side.  That's an idea that
might have applications elsewhere.  However, if the black eye for the
DCC matters, making the data not merely selectively unavailable but
wrong sounds worse.  Should I understand that you are really saying
it is a bad idea?

None of the current blacklist entries do not matter to the blacklisted
organizations, because the entries affect networks with sick firewalls
that pass outgoing DCC requests but filter returning DCC answers.
Blacklisting them is invisible to them, because they're own firewalls
effectively blacklist them.  The public DCC server blacklist saves cycles
and bandwidth on the servers by letting them not bother responding
with answers that won't be heard.  This new notion differs in two ways.
If it works, it would be because it would be noticed.  It also is not
purely about protecting the couple dozen public DCC servers but other
servers.  General protection was the main idea for the blacklist file
that dccd scans, but it has rarely been used that way.


} From: "John Scully" 

} I see no problem with your plan.
}
} The public DCC servers are provided free of charge as a public service.  No
} one has the right to abuse this platform, and any action you take to protect
} the integrity of the network should be acceptable to all legitimate users.

I should mention that as far as I know, this threat is only to my own
bandwidth and logs.  The log entries warning that unauthorized anonymous
clients are trying to use my DCC server irritate me beyond reason
(if not as much as condescending lessons in French on IP addresses)
and obscure potentially important log complaints about the new version
I'm always testing.

I'm beginning to think that it is a bad idea.  Maybe I can do something
else to suppress the messages in my logs.  They are generally good to
detect the legitimate but apparently anonymous users of a private DCC
server with anonymous access turned off.

What can you do about irresponsible ISPs and the users who patronize them?
Nuking 'em from orbit doesn't seem practical just yet.


Vernon Schryver    vjs@rhyolite.com




More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.