Home page logo
/

nanog logo nanog mailing list archives

Re: black hat .cn networks
From: "Franklin Lian" <Franklin.Lian () globalone net>
Date: Tue, 08 May 2001 12:01:43 -0400


I happened to act as the sysadmin for ChinaNet back in 1995 for a
while, and I come from China so I guess I can help a little bit on
what the sysadmin situation "might be" in China.  However, I can be
completely wrong because I left China in 1998.

Please see my comments interleaved, again this is my personal opinion
only and might not reflect today's situation.  This message will only
help you guys how it was in past.

"neil d. quiogue" wrote:

Well there may be a myriad of reasons on why the admins of those ISPs do not
respond:
1. abuse/postmaster goes to some mailbox no one reads like root which
contains a bunch of other messages.

The training for the sysadmin of China ISP is quite limited and
it is quite possible that some root messages were not readed in
time, it might be read weeks or months later, so even it was read
by sysadmin, he or she might not response due to the delay.

2. Language issue has been mentioned and it's a valid one.  I don't think
many admins are aware of those translators.

The English skill is definitely a big issue for those sysadmins, and
this problem made them harder to master all the techniques required
by sysadmin job.

3. They don't know how to handle such cases.

More or less.  See above no.2 comment.

4. They don't care?

I partially agree.  The no.2 and no.3 contributes to this a lot.

It is very embarrassed that the China ISPs didn't and maybe couldn't 
respond the abuse reports as other ISP operator does in the world,
but I do believe they are making progress everyday along with the
Internet development in China and coordination of networks grows.

Human resource is always a big issue for China PTT.

flian


I don't think the encoding matters much since one is sending from a
non-Big5/SJIS encoding to Big5/SJIS encoding and those that support
Big5/SJIS support the other encodings.  The other way around might be a
problem though.

But the nonresponse is a valid concern.  I wonder if I'll be censored soon.
:-)

Regards,

Neil D. Quiogue
PSINet Hong Kong Ltd.

"Information and attachments herein are intended for the named recipients
only.  It may contain attorney-client privileged or confidential matter.
If you have received this message in error, please notify the sender
immediately, and destroy the original message.  Do not disclose the
contents to anyone.  Thank you."

----- Original Message -----
From: "Dan Hollis" <goemon () anime net>
To: "Wing Wong" <dualwing () pacbell net>
Cc: <nanog () merit edu>
Sent: Tuesday, May 08, 2001 4:50 PM
Subject: RE: black hat .cn networks


On Tue, 8 May 2001, Wing Wong wrote:
On Mon, 7 May 2001, Dan Hollis wrote:
On Tue, 8 May 2001, Paul Lantinga wrote:
Justin, et al, do you have any *proof* that these attacks are coming
from
Chinese attackers on Chinese machines?
We may never know since mainland china admins never respond to abuse
mails.
Ever consider the possibility that the admins in question don't
understand
English? It'd be like if someone sends you a Big5 or SJIS encoded
message
complaining about spam or cracks and all you see is binary jiberish on
your screen.
Even romanized communications would be difficult to understand.

I can use babelfish, why can't they?

Yes, babelfish is less than perfect, but I can usually grok the gist of an
email.

And if babelfish isnt good enough, there's others.

FWIW I've had a chinese friend in canada send a BIG5 email once and the
same -- no response.

-Dan




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]