Offensive Networking Administration

There must be a better description for the practice, but at least the title is descriptive. My definition: “System or Network Administration that is offensive to end-users.” The example I have in mind is something I was banging my head against last night. I was talking with this user last night, and she was unable to tune to many internet radio stations. Connections simply didn’t work, though they had a day or so ago.

So I tried to help, narrowing down where the problem lay. Since she was using Windows, the natural place to start is corrupted software. Several tests later, we determined it was a problem with networking, not the software she had installed. Here is what we found: her WiFi provider was re-routing requests to port 8000 (typical for internet radio) to port 80 on the same host. Just port 8000.

WTF? The only answer I could come up with last night was that the provider was trying to manage bandwidth usage, since internet radio can be pretty intense for really high quality streams (128kbps or higher). Get 10 users sucking at those HQ streams and you’ve basically filled a T1.

Except for this user, internet radio is one of the reasons she has the service. Offensive Networking Administration.

Another example: broadband providers that re-route or block outgoing port 25 requests. This is an anti-virus or anti-spam measure, but for those of us using our own servers for relaying mail, this simply sucks the big one.

And I won’t get into the activities of big ISPs like AOL which make it very time consuming to keep deliveries to their servers working when YOUR users are receiving spam through aliases on YOUR servers being delivered to the ISP. The customer calls YOU to ask why they’re not getting their e-mail, but it’s the ISP’s action that is causing the problem.

All of this is very aggravating, and besides chewing the poor sot being paid to take my tech support call, I’m not sure how we (as intermediaries or end users) can fix this general practice.

Thoughts?

4 Responses to “Offensive Networking Administration”

  1. Joshua Says:

    At one job, I had a manager who was drowning in spam, because the Sanctioned Mail Client didn’t have junk mail filters. I tried to casually suggest other options (Spamassassin, Mail.app, etc.) but all were shot down. Reason: “That’s not the Sanctioned Mail Client.” Why all the effort to maintain the One True Client? “We don’t have the resources to support other clients.”

    My personal take on this: It happens because what ought to be the job of the SysAdmin Department (“provide service to their customers/employees/whoever”) just corrupted (by overworked, under-resourced departments most likely) into “do whatever it takes to keep basic service afloat”, which often is equivalent to a sort of Pre-Crime (“remove problems, or likely problems, before they become problems, so you don’t have any problems to solve”).

  2. ttongue Says:

    Ah, the One True Mail Client.

    Don’t get me wrong, I’m all about being proactive and addressing issues prior to critical mass. As long as the proactive solution is a good solution and not some BS bandaid that will have to be undone because of side effects. So instead of AOL coming up with this nutcase system they use now, they should fund the Russian mob to track spammers to their homes and beat them senseless.

    Now THAT’S a solution!

    –T

  3. Chris Dolan Says:

    You Personally advocate a

    ( ) technical ( ) legislative (x) market-based (x) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won’t work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    ( ) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    (x) It will stop spam for two weeks and then we’ll be stuck with it
    ( ) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    (x) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    ( ) Requires immediate total cooperation from everybody at once
    ( ) Many email users cannot afford to lose business or alienate potential employers
    ( ) Spammers don’t care about invalid addresses in their lists
    (x) Anyone could anonymously destroy anyone else’s career or business

    Specifically, your plan fails to account for

    (x) Laws expressly prohibiting it
    ( ) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    ( ) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    ( ) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    ( ) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    (x) Extreme profitability of spam
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with spammers
    ( ) Extreme stupidity on the part of people who do business with Microsoft
    ( ) Extreme stupidity on the part of people who do business with Yahoo
    (x) Dishonesty on the part of spammers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Outlook

    and the following philosophical objections may also apply:

    ( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatibility with open source or open source licenses
    (x) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don’t want the government reading my email
    (x) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (x) Sorry dude, but I don’t think it would work.
    ( ) This is a stupid idea, and you’re a fascist for suggesting it.
    ( ) Nice try, assh0le! I’m going to find out where you live and burn your house down!

  4. ttongue Says:

    ROFLMAO. Very cool list.

    No, my approach won’t work, I know. If there were a simple solution, it would be implemented now. As long as there are dolts out there buying from spammers, there will be spammers to sell their crap….

    –T
