Even SANS has bought this victim paradigm. 90,000 attacks and we do nothing.
An Email exchange with them.
Thanks for writing in.
Why are those sites up? Usually because they are located in countries that do not have the facilities in place to have them shut down.
Why not take them down as suggested in the blog? Well typically because the machine belongs to someone other than the attacker. It would be like shooting the hostage in order to get the gun the baddie happens to be holding at the time. He'll just pick up another. The other reason many of us have is that in many jurisdictions breaking laws to irritate a lawbreaker is generally frowned upon.
Thanks for replying.
But I disagree with you on the hostage metaphor.
Its more like a sniper is someone Else's house.
Cops don't check to see who own house, don't care they take out the sniper.
I think the right to self defense applies in most nations.
And could be applied here, the right to defend ones self,
from over 90,000 attacks.
The excuse is "he would just use another IP".
does not hold watter.
That paradigm is letting snipers run rampant
because they might move to different IP.
This is not personal.
I know its the current paradigm.
I'm asking these Q to challenge that paradigm,
there are options other than that of "helpless victim."
They are working on some alternatives...
Everybody has been penetrated Government, Big Corps,
Banks Google even.
The Government continues to focus on protecting their
intra nets at the cost of the WWW, they may end up with
secure intra nets with a DEAD cable connection as the
WWW has been taken down by a massive DDOS attack.
The WWW sky is falling, and I'm not chicken little.