Date: Mon, 15 Sep 2008 12:50:20 +0300 From: "Yury Michurin" <yury.michurin@gmail.com> To: "Ted Mittelstaedt" <tedm@toybox.placo.com>, freebsd-questions@freebsd.org Subject: Re: Being a shell provider - good business? Message-ID: <692c9a9f0809150250s3ea8f99dj43a61211aeaf9118@mail.gmail.com> In-Reply-To: <BMEDLGAENEKCJFGODFOCMEOGCFAA.tedm@toybox.placo.com> References: <200809140959.32653.beech@freebsd.org> <BMEDLGAENEKCJFGODFOCMEOGCFAA.tedm@toybox.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Where you got that idea that Israel kidnap suspects? The sole event, was of Adolf Eichmann<http://en.wikipedia.org/wiki/Adolf_Eichmann>'s, and he wasn't diealing with kiddie porn. Unfortunately pedophiles here get relatively easy punishment. Best regards, Yury Michurin On Mon, Sep 15, 2008 at 6:27 AM, Ted Mittelstaedt <tedm@toybox.placo.com>wrote: > > > > -----Original Message----- > > From: owner-freebsd-questions@freebsd.org > > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Beech Rintoul > > Sent: Sunday, September 14, 2008 10:59 AM > > To: freebsd-questions@freebsd.org > > Cc: Art Vandelay > > Subject: Re: Being a shell provider - good business? > > > > > > On Saturday 13 September 2008, Art Vandelay said: > > > Hello. My friend thinks that being a shell provider for IRC bots > > > and bouncers is very good business. How do I convince him it's not? > > > > > > Sorry for going off-topic and cross-post, but I don't know who else > > > to ask. > > > > Ask him how he's going to deal with all the angry users when one of > > his script kiddie users gets the IP k-lined from all the irc servers. > > Or how he's going to deal with law enforcement after one of his > > accounts uses the shell for nefarious purposes. At the ISP I worked > > for we stopped offering shell accounts to all but our most trusted > > clients for those exact reasons. The only way I would even consider > > it would be to have a block of IPs and jail every user. Even then > > it's a legal and security minefield. > > > > At our ISP we still offer shell accounts. It is not a legal and > security minefield, I don't know where your getting that from. > There isn't anything that a user can do on a shell server that > they can't already do from an IP address on the end of a DSL > line. Of course, we have our shell accounts on a separate server > and that server is behind a bandwidth limiter so they don't get > any more bandwidth than a DSL line would get. > > The only real security issue is that you have to assume that > there is no security -between accounts- and so we provide a > statement to every shell user saying that they have no expectation > of privacy from other shell users. We also disclaim backup > of course - they have to backup their own stuff. > > The fact of the matter is that if you are offering web hosting and > you allow shell scripts, there is nothing preventing someone > from running a CGI application that will give them a shell > prompt on the webserver that they can access from their web > browser. The webmin program has one of these in it, and I'm > sure there's tons of others. > > The real issue seems to be to me that your friend is actively > soliciting customers that he -knows- are going to be using his > service for nefarious purposes. People that do this typically have > a very weak AUP and do not enforce their AUP if it's violated, > and trust me, word gets around if they are like this. > > I would explain to him that > the dangers of doing this is that sooner or later he's going to > snag a child porno guy who will setup an irc bot to trade underage > porno with his other child porno friends, and it won't be long > before the FBI has shown up at the colocate shop that his server > is located at, and put a tap on his server. Every large colocate > farm out there in the US at any given time has at least one > of these servers that the FBI has an active tap on and I can > tell you that when the FBI has gathered enough data that things > will be extremely unpleasant for your friend. He can assume > from the get-go that his server hardware will be gone, and that's > just the beginning of it. > > All of the national providers have rooms with black boxes in > them that only the top senior admin deals with, and that recieve > visits from the men in black from time to time. > > And if the colocate shop is overseas, things can get even more > unpleasant. Let me explain that in the United States, the courts > do not accept as a defense that the defendant was kidnapped in > a foreign country and secretly flown in to stand trial - and while > the CIA doesen't regularly engage in these operations, they do > from time to time. Foreign governments are even worse - Israel > for example, regularly engages in kidnapping suspects from > other countries and has been known to just kill the suspect > if the kidnapping doesen't work out. Your friend definitely > does not want his server in that country. And child porno is one > of the few international crimes that virtually all the world's > governments police forces cooperate on. > > Ted > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?692c9a9f0809150250s3ea8f99dj43a61211aeaf9118>