X-SA-Exim-Mail-From: andy@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
spamd0.lon.bitfolk.com
X-Spam-Level:
X-Spam-ASN:
X-Spam-Status: No, score=-0.0 required=5.0 tests=NO_RELAYS shortcircuit=no
autolearn=disabled version=3.3.1
X-Spam-Report: * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
X-SA-Exim-Version: 4.2.1 (built Wed, 25 Jun 2008 17:14:11 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Subject: Re: [bitfolk] idle curiosity? bank phishing scam,
was Fw: Notice ID:01ZMCX
X-BeenThere: users@???
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
<mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
<mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Sat, 18 Feb 2012 12:44:05 -0000
--VB8cwN2oRT/o81UX
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi Max,
On Sat, Feb 18, 2012 at 04:14:16AM -0800, Max B wrote:
> Which leads me to ask some questions of this list:
>=20
> 1) Do I have a duty in law to maintain a phishbot-virus-free VPS?
I don't think I've ever heard of a sysadmin being prosecuted for
being incompetent, but I suppose it is theoretically possible.
is extremely rare.
I read a news story recently where the estate of a person that
committed suicide by jumping in front of a train was successfully
sued for negligence by a bystander who was hit and injured by the
dead person's body parts. Since that actually happened, I would
hesitate to say "absolutely not" to the question of if a sysadmin
can be sued if one of their servers does some damage to someone.
More pertinently you have a contractual obligation with us to
maintain your service and not (allow your VPS to) engage in any
abusive activity.
> 2) Can a mandamus order shut down an innocent VPS owner whose server host=
s a phishbot virus?
I don't know what one of those is, but realistically BitFolk, once
presented with evidence of abusive activity, which a customer was
unable to identify/explain/fix, would terminate their service a long
time before the processes of law got around to having a say on the
matter.
This is a good thing because unfortunately trying to bring the law
to bear on an Internet miscreant, especially one in another country,
doesn't tend to work very well unless you are a huge corporation.
Law enforcement for the most part are not interested.
> 3) Has a bitfolk VPS owner ever been targetted by phishbots?=C2=A0 If so,=
what were the symptoms and what were the ramifications?
Customer VPSes are compromised all the time and used to send out
phishing emails, phishing blog comments, participate in denial of
service attacks on other people, do SSH dictionary attacks, host
fake phishing web sites, and so on. I wouldn't say people are
targeted =E2=80=94 people are compromised by widespread scanning for known
exploits and weak passwords.
The abusive activity is
