The key to an anti-hacker ISP association would be
a very special ip address / contact person lookup database.
ie: who/how to contact for the 'SWAT' response for a particular IP
When we have had attacks such as root exploits, we have notified the
source (at least,
the ISP hosting the immediate source) as to the date, time, IP address, etc.
(In one case, the attack appeared to come from a dial-up address in Germany,
so I thought we had them.) We have NEVER received a response. From
conversations at meetings, etc., I understand that this is typical - almost
universal - and that it would be naive to expect other ISPs to actually
about being a source for attacks.
Maybe a start would be to a BCP for some level of minimal response if
an attack, and a "web site of shame" listing those domains that source
attacks and do nothing about it when notified.
Multicast Technologies, Inc.
10301 Democracy Lane, Suite 201
Fairfax, Virginia 22030
Phone : 703-293-9624 Fax : 703-293-9609
e-mail : tme () on-the-i com http://www.on-the-i.com