From owner-freebsd-questions@FreeBSD.ORG Mon Sep 15 09:50:21 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 44EDD106564A for ; Mon, 15 Sep 2008 09:50:21 +0000 (UTC) (envelope-from yury.michurin@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.173]) by mx1.freebsd.org (Postfix) with ESMTP id 0F40F8FC0A for ; Mon, 15 Sep 2008 09:50:20 +0000 (UTC) (envelope-from yury.michurin@gmail.com) Received: by wf-out-1314.google.com with SMTP id 24so1984388wfg.7 for ; Mon, 15 Sep 2008 02:50:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=tBkGxO25frH6RD6k+VnrAWD/j+Bd8OUN0p31NaiUsSI=; b=iBuAP1jGCbimU3kD0I6eGDEjC3K6Lyo8HXkmEIsMhnnsLF1tb7B6fzyFUuZsk0kPZw H8QoBwIysxflA/D0HodikqeVUQPmgThfm0rv8KsOMjK2GRH7XlQwK0JC87Cm5SqGnQeI X3TWo93mAV38w8lIfWd5a/a9jXy93py0Ivo9w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=Ypc4ETxOLvYZUgtn2G0ndjktJcZy/spay2MnnrVN2b0NAnHlECbBx9rtBbU6S7x+yt V2vhevTLnl8rW273ZBL09/wfE2rZ32wYA6u2FTNhsQ/MFWeEVvtzJlH2RJM4IKIhQZfa qpcCCdbB2CjGJLo0kEiOVTvBYU/X0i7Nt2rIA= Received: by 10.114.57.15 with SMTP id f15mr5898765waa.116.1221472220430; Mon, 15 Sep 2008 02:50:20 -0700 (PDT) Received: by 10.114.174.9 with HTTP; Mon, 15 Sep 2008 02:50:20 -0700 (PDT) Message-ID: <692c9a9f0809150250s3ea8f99dj43a61211aeaf9118@mail.gmail.com> Date: Mon, 15 Sep 2008 12:50:20 +0300 From: "Yury Michurin" To: "Ted Mittelstaedt" , freebsd-questions@freebsd.org In-Reply-To: MIME-Version: 1.0 References: <200809140959.32653.beech@freebsd.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: Being a shell provider - good business? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Sep 2008 09:50:21 -0000 Where you got that idea that Israel kidnap suspects? The sole event, was of Adolf Eichmann's, and he wasn't diealing with kiddie porn. Unfortunately pedophiles here get relatively easy punishment. Best regards, Yury Michurin On Mon, Sep 15, 2008 at 6:27 AM, Ted Mittelstaedt wrote: > > > > -----Original Message----- > > From: owner-freebsd-questions@freebsd.org > > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Beech Rintoul > > Sent: Sunday, September 14, 2008 10:59 AM > > To: freebsd-questions@freebsd.org > > Cc: Art Vandelay > > Subject: Re: Being a shell provider - good business? > > > > > > On Saturday 13 September 2008, Art Vandelay said: > > > Hello. My friend thinks that being a shell provider for IRC bots > > > and bouncers is very good business. How do I convince him it's not? > > > > > > Sorry for going off-topic and cross-post, but I don't know who else > > > to ask. > > > > Ask him how he's going to deal with all the angry users when one of > > his script kiddie users gets the IP k-lined from all the irc servers. > > Or how he's going to deal with law enforcement after one of his > > accounts uses the shell for nefarious purposes. At the ISP I worked > > for we stopped offering shell accounts to all but our most trusted > > clients for those exact reasons. The only way I would even consider > > it would be to have a block of IPs and jail every user. Even then > > it's a legal and security minefield. > > > > At our ISP we still offer shell accounts. It is not a legal and > security minefield, I don't know where your getting that from. > There isn't anything that a user can do on a shell server that > they can't already do from an IP address on the end of a DSL > line. Of course, we have our shell accounts on a separate server > and that server is behind a bandwidth limiter so they don't get > any more bandwidth than a DSL line would get. > > The only real security issue is that you have to assume that > there is no security -between accounts- and so we provide a > statement to every shell user saying that they have no expectation > of privacy from other shell users. We also disclaim backup > of course - they have to backup their own stuff. > > The fact of the matter is that if you are offering web hosting and > you allow shell scripts, there is nothing preventing someone > from running a CGI application that will give them a shell > prompt on the webserver that they can access from their web > browser. The webmin program has one of these in it, and I'm > sure there's tons of others. > > The real issue seems to be to me that your friend is actively > soliciting customers that he -knows- are going to be using his > service for nefarious purposes. People that do this typically have > a very weak AUP and do not enforce their AUP if it's violated, > and trust me, word gets around if they are like this. > > I would explain to him that > the dangers of doing this is that sooner or later he's going to > snag a child porno guy who will setup an irc bot to trade underage > porno with his other child porno friends, and it won't be long > before the FBI has shown up at the colocate shop that his server > is located at, and put a tap on his server. Every large colocate > farm out there in the US at any given time has at least one > of these servers that the FBI has an active tap on and I can > tell you that when the FBI has gathered enough data that things > will be extremely unpleasant for your friend. He can assume > from the get-go that his server hardware will be gone, and that's > just the beginning of it. > > All of the national providers have rooms with black boxes in > them that only the top senior admin deals with, and that recieve > visits from the men in black from time to time. > > And if the colocate shop is overseas, things can get even more > unpleasant. Let me explain that in the United States, the courts > do not accept as a defense that the defendant was kidnapped in > a foreign country and secretly flown in to stand trial - and while > the CIA doesen't regularly engage in these operations, they do > from time to time. Foreign governments are even worse - Israel > for example, regularly engages in kidnapping suspects from > other countries and has been known to just kill the suspect > if the kidnapping doesen't work out. Your friend definitely > does not want his server in that country. And child porno is one > of the few international crimes that virtually all the world's > governments police forces cooperate on. > > Ted > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >