Being a shell provider - good business?
yury.michurin at gmail.com
Mon Sep 15 09:50:21 UTC 2008
Where you got that idea that Israel kidnap suspects?
The sole event, was of Adolf
and he wasn't diealing with kiddie porn.
Unfortunately pedophiles here get relatively easy punishment.
On Mon, Sep 15, 2008 at 6:27 AM, Ted Mittelstaedt <tedm at toybox.placo.com>wrote:
> > -----Original Message-----
> > From: owner-freebsd-questions at freebsd.org
> > [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Beech Rintoul
> > Sent: Sunday, September 14, 2008 10:59 AM
> > To: freebsd-questions at freebsd.org
> > Cc: Art Vandelay
> > Subject: Re: Being a shell provider - good business?
> > On Saturday 13 September 2008, Art Vandelay said:
> > > Hello. My friend thinks that being a shell provider for IRC bots
> > > and bouncers is very good business. How do I convince him it's not?
> > >
> > > Sorry for going off-topic and cross-post, but I don't know who else
> > > to ask.
> > Ask him how he's going to deal with all the angry users when one of
> > his script kiddie users gets the IP k-lined from all the irc servers.
> > Or how he's going to deal with law enforcement after one of his
> > accounts uses the shell for nefarious purposes. At the ISP I worked
> > for we stopped offering shell accounts to all but our most trusted
> > clients for those exact reasons. The only way I would even consider
> > it would be to have a block of IPs and jail every user. Even then
> > it's a legal and security minefield.
> At our ISP we still offer shell accounts. It is not a legal and
> security minefield, I don't know where your getting that from.
> There isn't anything that a user can do on a shell server that
> they can't already do from an IP address on the end of a DSL
> line. Of course, we have our shell accounts on a separate server
> and that server is behind a bandwidth limiter so they don't get
> any more bandwidth than a DSL line would get.
> The only real security issue is that you have to assume that
> there is no security -between accounts- and so we provide a
> statement to every shell user saying that they have no expectation
> of privacy from other shell users. We also disclaim backup
> of course - they have to backup their own stuff.
> The fact of the matter is that if you are offering web hosting and
> you allow shell scripts, there is nothing preventing someone
> from running a CGI application that will give them a shell
> prompt on the webserver that they can access from their web
> browser. The webmin program has one of these in it, and I'm
> sure there's tons of others.
> The real issue seems to be to me that your friend is actively
> soliciting customers that he -knows- are going to be using his
> service for nefarious purposes. People that do this typically have
> a very weak AUP and do not enforce their AUP if it's violated,
> and trust me, word gets around if they are like this.
> I would explain to him that
> the dangers of doing this is that sooner or later he's going to
> snag a child porno guy who will setup an irc bot to trade underage
> porno with his other child porno friends, and it won't be long
> before the FBI has shown up at the colocate shop that his server
> is located at, and put a tap on his server. Every large colocate
> farm out there in the US at any given time has at least one
> of these servers that the FBI has an active tap on and I can
> tell you that when the FBI has gathered enough data that things
> will be extremely unpleasant for your friend. He can assume
> from the get-go that his server hardware will be gone, and that's
> just the beginning of it.
> All of the national providers have rooms with black boxes in
> them that only the top senior admin deals with, and that recieve
> visits from the men in black from time to time.
> And if the colocate shop is overseas, things can get even more
> unpleasant. Let me explain that in the United States, the courts
> do not accept as a defense that the defendant was kidnapped in
> a foreign country and secretly flown in to stand trial - and while
> the CIA doesen't regularly engage in these operations, they do
> from time to time. Foreign governments are even worse - Israel
> for example, regularly engages in kidnapping suspects from
> other countries and has been known to just kill the suspect
> if the kidnapping doesen't work out. Your friend definitely
> does not want his server in that country. And child porno is one
> of the few international crimes that virtually all the world's
> governments police forces cooperate on.
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions