Sunday, June 19, 2011

Bad Internet Citizens

Just about everyone on the Internet has suffered because of bad Internet citizens.  They drop spam in our forums.  They drop it in our email boxes.  They create elaborate methods of copying code to thousands of machines and then use it to attack a business and extort money from it, raising the costs of everything.  What's sad is that the best of them could be writing video games or logistics algorithms or advertising copy.  They could be useful, but instead, they are attracted, like flies to poop, to the freedom the Internet gives them, and to our failure to cooperate in an effort to frustrate their depravity.

My proposition is this: Website owners should have a place to register bad IP addresses.  Such a centralized database will not only provide a method of tracking the decisions of the individuals who are misbehaving, but also provide a valuable resource to everyone with a website.  While spam in forums and email is bothersome and wastes a lot of time, Denial of Service attacks cause much more concentrated damage.  Distributed Denial of Service (DDOS) attacks are much, much worse.

Many DDOS attacks are executed on botnets, which consist of computers belonging to naive Internet users.  These users have executed some "unsafe" code which installed "malware" on their computer.  It doesn't do much harm to them, but en masse, it can be directed to wreak havoc on a website business until the owners pay a ransom.  But here comes the catch...

Those users undoubtedly sometimes use other websites that also suffer from DDOS attacks from time to time, and those sites would also benefit from educating the naive owners about the compromise of their systems.  Armed with the fact that several "other victims" have reported their IP address as that of a compromised system, some will choose to deny access for a time, or perhaps until the naive owner submits a log of the output from a cleaning program like Malwarebytes' Anti-Malware.  Others will simply offer the info.

But none will be able to use the system until someone compiles a database of IP addresses used in a DDOS attack, and then puts in the effort to keep it up to date.  That's me.  Can you help?
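
An added example, not part of the original post: a sketch of the lookup the proposal implies, where a site asks how many distinct other sites have recently reported an address and picks a response. The class and method names, the three-site threshold and the 14-day expiry are assumptions; the sample reports are constructed and use documentation-only address ranges.

```python
import ipaddress
from datetime import datetime, timedelta


class AttackIPRegistry:
    """Constructed sketch of the shared database; all names are hypothetical."""

    def __init__(self, min_reporters=3, max_age=timedelta(days=14)):
        self.min_reporters = min_reporters  # "several other victims" (assumed: 3)
        self.max_age = max_age              # stale reports expire (assumed: 14 days)
        self._seen = {}                     # ip -> {reporting site: last report time}

    @staticmethod
    def _norm(ip):
        # Rejects malformed input (ValueError) and gives one spelling per address.
        return str(ipaddress.ip_address(ip))

    def report(self, site, ip, when):
        # Keyed by site, so repeat reports from one site never count twice.
        self._seen.setdefault(self._norm(ip), {})[site] = when

    def reporters(self, ip, now):
        cutoff = now - self.max_age
        return {s for s, t in self._seen.get(self._norm(ip), {}).items() if t >= cutoff}

    def decide(self, ip, now):
        n = len(self.reporters(ip, now))
        if n >= self.min_reporters:
            return "deny"      # block for a time, or until a cleanup log is submitted
        return "inform" if n else "allow"


def demo():
    now = datetime(2011, 6, 19)
    reg = AttackIPRegistry()
    # Constructed reports: three sites agree on one address.
    for site in ("forum.example", "shop.example", "news.example"):
        reg.report(site, "192.0.2.10", now - timedelta(days=2))
    for _ in range(50):  # one noisy reporter is still one reporter
        reg.report("forum.example", "198.51.100.7", now - timedelta(days=1))
    for site in ("forum.example", "shop.example", "news.example"):
        reg.report(site, "2001:DB8:0:0:0:0:0:1", now - timedelta(days=60))  # stale
    ips = ("192.0.2.10", "198.51.100.7", "2001:db8::1", "203.0.113.5")
    return {ip: reg.decide(ip, now) for ip in ips}


if __name__ == "__main__":
    print(demo())
```

Counting distinct reporting sites rather than raw reports keeps a single mistaken or malicious reporter from getting an address denied everywhere, and the expiry matters because a cleaned machine or a reassigned address should drop off the list.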
