From: "Rod Gasson" 

"Bob Lawrence" 
wrote in message
news:1087059977{at}p12.f610.n712.z3.ftn...

> RG> One of our IP addresses is actually on a dynamic link, and even
> RG> that one starts to get 'probed' within MINUTES of us being
> RG> connected.
>
> RG> It really is a jungle out there.
>
>  What are they looking for? Is the probe and attack, or what?

Basically any open ports, or other well known exploits.
They are generally just probes (by script kiddies) but on occasion I have
managed to upset the wrong people who have then work really hard in an
'attack'.

The firewall really does take care of the brunt of such probes/attacks
though so it's all like water of the proverbial ducks back.

Occasionally if we do see a deliberate/definite 'attack' we have no qualms
about adding the originating host to the firewall rules to prevent them even
accessing out legitimate servers (Web, Email, FTP, etc).

> > I'd like to know why Telstra and the rest can't do what the BBS
> > sysops used to do, and filter the unwanted shit.
>
> RG> There are many answers to this one. Firstly, as an Internet
> RG> hosting business I don't want our uplink (Telstra) from
> RG> filtering ANY of the emails destined to ANY of the clients we
> RG> host. We are quite capable of doing this ourselves thank you.
>
>  I assume that Telstra provides two services anyway: professional and
> consumer. Just filter the consumers.

Yeah, lets get rid of the consumers, that'll stop the problem.
Oh, that's not what you meant is it? 

> RG> Secondly, Telstra, etc ultimately base their prices on how much
> RG> data is sent across their network, more spam = more traffic =
> RG> more profit.
>
>  There is an obvious flaw in your reasoning. If that's true, why not
> generate it's own spam?

Because people tend to get *really* upset at having to pay for spam that
originates from their own ISP. Having it come from a different ISP is part
and parcel of having unfiltered email.

We've actually managed to get some of our bills reduced when we've given
evidence (log files)that the abuse we suffered actually originated within
the Telstra network. Fortunately though, in my experience we get very little
abuse originating from within the Telstra network. 99.8% of it originates
outside Australia.

> RG> Thirdly, very little spam actually originates from the Telstra
> RG> servers (or their customers). The bulk of the spam originates
> RG> overseas.
>
>  Exactly! Filter it out as it arrives off the satellite... or better
> still; bounce it back and double the traffic.

There is still the problem of what one person considers spam, another
considers ham.

Example, Gaelyne subsribes to the Breast Cancer mailing list, and needless
to say, there is a LOT of discussion about 'breasts' in this list, and
unless exceptions are placed, almost EVERY spam detection software
availaible will flag 90% of the messages posted to this list as 'spam'.
Sure it is a relatively trivial task to place an exception to this list, but
what of the other lists (possibly ones not even created yet?).  I can't
foresee ANY filter software being made smart enough to cater for these
exceptions to the normal rules, and having these filters in place as it
'arrives off the satelite' WILL cause us to miss legitimate email.

> RG> Fourthly, while one ISP may consider Email promoting Viagra as
> RG> being spam, some people consider it to be 'ham', so trying to
> RG> block 'spam' at such a high level is going to alient and/or
> RG> inconvenience a lot of people. Spam blocking is (or should be)
> RG> a PERSONAL decision.
>
>  It wasn't on Fido... and that worked.

Fido is a small rigidedly controlled network compared to the Internet. I
can't see any spammer making $1000's for spamming fido, but this is oh so
common (and easy to do) with the decentralised nature of the internet.

> RG> The only 'product' being the SSH server for admin purposes.
> RG> This machine doesn't even have a monitor or keyboard connected
> RG> to it. The SSH server can only be accessed via our own machines
> RG> (actually, only MY machine).
>
>  God! Sambo is awkward to use (all right then, Samba). The problem is
> not blocking access... it's that *every* permission has to be granted
> separately. For convenience setting it up, I used SHARE access and
> even so, I can't get past the actual Linux permissions. Bloody thing.

I agree. Samba can be a pig to set up, and getting the linux permissions
correct can be a bit of a headache.  I don't see how this relates to SSH
though?

>  BTW, I bought a new printer, and have since discovered that as well
> as Winmodems there are Winprinters! Bloody thing. Now I'll have to
> wait until someone writes a GDI driver for Linux.

Not having a WinModem or a winPrinter I really can't make any comment about
GDI drivers. I'm pretty sure that I've read they do exist though.

> > > If I must run an executable, then I'll do it on the Linux
> > > machine.
>
> RG> How do you propose to run Windoze executables on a Linux
> RG> machine?
>
> > The way I do now...
>
>  Dual boot. I boot Win31, Win98 and Linux. Linux saves to a Windows
> drive quite happily.

Bugger, I was hoping you'd found a way to do it without resorting to dual
boot.

> RG> The only reason I keep a windoze machine running is because
> RG> because we do our quartarly BAS returns online, and the ATO
> RG> hasn't made a linux version of this software available. I'd
> RG> REALLY like to know how I can run this s/ware on a linux box so
> RG> I can say goodby to windoze forever.
>
>  It's cruel, isn't it?

Very cruel, especially when they first came out with this software they
stated that they WOULD be creating a version suitable for *nix users.  Six
months after making this claim they did a backstep and said they'd dropped
the idea.  :-(

Cheers
Rod



--- ifmail v.2.15