[PLUG] Web site URL points to localhost

Rich Shepard rshepard at appl-ecosys.com
Fri Sep 23 17:30:12 UTC 2016


On Fri, 23 Sep 2016, brooks at netgate.net wrote:

> It's time we start to defend our Internet borders similar to how we defend
> our actual borders. After helping to build this mess I'm convinced it's
> time to make the Internet a much smaller place. Still allowing anyone
> access, but for most services your worldview would be much smaller than it
> is today.

   I'm strictly an end user who runs his own mail server (but not an
externally-pointed web browser). While not a computer professional I've
observed patterns in e-mail UCE abuse, and my limited understanding of bad
actors has depended a lot on what I read here and on Brian Krebs' blog (and
his book). Seems to me there are certain small steps that can be more easily
taken that _could_ reduce DDoS attacks.

   If it's true that the majority of DDoS attacks use compromised individual
hosts collected into a botnet, seems to me that reducing the number of such
compromised systems would be a good place to start.

   There are two reactions to my reports of spam to the ISP that sent them to
me that continue to puzzle me. One is ISPs that have no published abuse@
address. This is almost universal in Latin American countries based on the
spam that makes it into my inbox.

   The second is more puzzling to me: abuse reports that are rejected
because they contain spam or have malicious attachments. Duh! Really? Isn't
that why an ISP has an abuse@ address in the first place? The subset of
this is receiving the bounced message because that username's mailbox is
full and cannot take in more reports.

   While the solution is probably more complex than my understanding, seems
to me that taking compromised hosts off the 'Net until cleaned would be a
good first step. After all, as one famous person once said (or wrote), "when
you're in a hole, stop digging."

Rich


