Home page logo

basics logo Security Basics mailing list archives

RE: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Sat, 13 Mar 2004 08:04:01 -0600

In other threads, y'all are complaining that xyz ISP doesn't do anything
about Spammers.   You can't have your cake and eat it too...

I think you can make a cogent argument that an ISP scanning inside it's
network is not only prudent but required, with the proper precautions taken.

Item: The RR TOS cited early in this discussion clearly permit them to do
Item: Similarly in the TOS, it probably prohibits running a server.

Thus you can argue - and probably successfully although I'm not a lawyer -
that all they are doing is enforcing their TOS as they told you they might.
That's a simple matter of contract law.  If you don't like it, take your
business elsewhere.

But let's play with this some more and get into my prudent & required

Given the reality of how networks are provisioned (and the cost models ISPs
use), somebody running a server and using unexpected amounts of bandwidth
(in the reverse direction), may affect all customers.

Take the most extreme case, a Satellite ISP, with very restricted return
(uplink) throughput.  In order to provide you with good service for normal
requests (http get, for example), the ISP would like to provide you with the
entire 64 Kbps uplink channel for the brief interval you need to send data.
But, if you run a server and utilize that for long periods, you impact ALL

The ISP has two choices - ban servers or throttle all users to their 1/nth
of that 64 Kbps, which would provide service that sucks...  To provide the
contracted service to all users, is it required that the ISP enforces their

Essentially, while the limit may be higher, the concept is true of ALL
asymmetrically provisioned services (DSL, Cable Modem, even perhaps 56Kbps
dialup...)  Running a server on a network that is not engineered for it will
impact other users.

Should they have engineered the network differently and allowed you to run a
server?  Well that's a different discussion - and basically the costs of
doing so, vs. the few individuals who really care, would make it
un-economical.  That's why "Business" class service is so expensive...    If
you want to run a server, and the TOS doesn't permit it, then get a
different account or ISP - one that allows you to do what you want to do.
But you will end up paying for it.  TANSTAAFL.

Why prudent?  Say you are running an open relay mail server and thus are
generating tons of spam.  If they don't stomp this out, the ISP runs the
risk of the Usenet death penalty, ending up on the black hole lists, etc.

So in order to allow their customers to be functioning members of the
Internet community, the ISP must take active steps to prevent these types of
abuses.  The real problem is that so few ISP's do so.


Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]