Yes, bots use bandwidth. However no hosting customer has ever actually paid for the bandwidth their 'hacked' server has used to attack random places on the Internet. The ISP has to pay for it, because if the ISP tries to enforce a charge for bandwidth a malicious third party used it turns into a gigantic fiasco. -Drew -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Scott Silva Sent: Thursday, February 15, 2007 1:15 PM To: centos at centos.org Subject: [CentOS] Re: Defending againts simultanious attacks Drew Weaver spake the following on 2/15/2007 8:27 AM: > I find it kind of odd that noone has come up with a 'RBL' for bots... > > ISPs could easily receive routes via BGP from "some trusted source" > that has NULL routes for all of the 'infected' hosts which are > attacking people.. > > A few dozen honeypots and you would quickly have a large list of > infected hosts in which to ignore entirely. ISP's are in the market to sell bandwidth. And bots use bandwidth. Even if an ISP would just police it's own address space it would help. At home I have roadrunner, and they have no problem blocking "incoming" port 25 and port 80 traffic, but have no problem letting a connection blast away at everybody outgoing. So I can't have a simple webserver, but I can have a spamming operation. Go figure! -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! _______________________________________________ CentOS mailing list CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos