Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 15 Sep 2008 12:50:20 +0300
From:      "Yury Michurin" <yury.michurin@gmail.com>
To:        "Ted Mittelstaedt" <tedm@toybox.placo.com>, freebsd-questions@freebsd.org
Subject:   Re: Being a shell provider - good business?
Message-ID:  <692c9a9f0809150250s3ea8f99dj43a61211aeaf9118@mail.gmail.com>
In-Reply-To: <BMEDLGAENEKCJFGODFOCMEOGCFAA.tedm@toybox.placo.com>
References:  <200809140959.32653.beech@freebsd.org> <BMEDLGAENEKCJFGODFOCMEOGCFAA.tedm@toybox.placo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Where you got that idea that Israel kidnap suspects?
The sole event, was of Adolf
Eichmann<http://en.wikipedia.org/wiki/Adolf_Eichmann>'s,
and he wasn't diealing with kiddie porn.

Unfortunately pedophiles here get relatively easy punishment.

Best regards,
Yury Michurin

On Mon, Sep 15, 2008 at 6:27 AM, Ted Mittelstaedt <tedm@toybox.placo.com>wrote:

>
>
> > -----Original Message-----
> > From: owner-freebsd-questions@freebsd.org
> > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Beech Rintoul
> > Sent: Sunday, September 14, 2008 10:59 AM
> > To: freebsd-questions@freebsd.org
> > Cc: Art Vandelay
> > Subject: Re: Being a shell provider - good business?
> >
> >
> > On Saturday 13 September 2008, Art Vandelay said:
> > > Hello. My friend thinks that being a shell provider for IRC bots
> > > and bouncers is very good business. How do I convince him it's not?
> > >
> > > Sorry for going off-topic and cross-post, but I don't know who else
> > > to ask.
> >
> > Ask him how he's going to deal with all the angry users when one of
> > his script kiddie users gets the IP k-lined from all the irc servers.
> > Or how he's going to deal with law enforcement after one of his
> > accounts uses the shell for nefarious purposes. At the ISP I worked
> > for we stopped offering shell accounts to all but our most trusted
> > clients for those exact reasons. The only way I would even consider
> > it would be to have a block of IPs and jail every user. Even then
> > it's a legal and security minefield.
> >
>
> At our ISP we still offer shell accounts.  It is not a legal and
> security minefield, I don't know where your getting that from.
> There isn't anything that a user can do on a shell server that
> they can't already do from an IP address on the end of a DSL
> line.  Of course, we have our shell accounts on a separate server
> and that server is behind a bandwidth limiter so they don't get
> any more bandwidth than a DSL line would get.
>
> The only real security issue is that you have to assume that
> there is no security -between accounts- and so we provide a
> statement to every shell user saying that they have no expectation
> of privacy from other shell users.  We also disclaim backup
> of course - they have to backup their own stuff.
>
> The fact of the matter is that if you are offering web hosting and
> you allow shell scripts, there is nothing preventing someone
> from running a CGI application that will give them a shell
> prompt on the webserver that they can access from their web
> browser.  The webmin program has one of these in it, and I'm
> sure there's tons of others.
>
> The real issue seems to be to me that your friend is actively
> soliciting customers that he -knows- are going to be using his
> service for nefarious purposes.  People that do this typically have
> a very weak AUP and do not enforce their AUP if it's violated,
> and trust me, word gets around if they are like this.
>
> I would explain to him that
> the dangers of doing this is that sooner or later he's going to
> snag a child porno guy who will setup an irc bot to trade underage
> porno with his other child porno friends, and it won't be long
> before the FBI has shown up at the colocate shop that his server
> is located at, and put a tap on his server.  Every large colocate
> farm out there in the US at any given time has at least one
> of these servers that the FBI has an active tap on and I can
> tell you that when the FBI has gathered enough data that things
> will be extremely unpleasant for your friend.  He can assume
> from the get-go that his server hardware will be gone, and that's
> just the beginning of it.
>
> All of the national providers have rooms with black boxes in
> them that only the top senior admin deals with, and that recieve
> visits from the men in black from time to time.
>
> And if the colocate shop is overseas, things can get even more
> unpleasant.  Let me explain that in the United States, the courts
> do not accept as a defense that the defendant was kidnapped in
> a foreign country and secretly flown in to stand trial - and while
> the CIA doesen't regularly engage in these operations, they do
> from time to time.  Foreign governments are even worse - Israel
> for example, regularly engages in kidnapping suspects from
> other countries and has been known to just kill the suspect
> if the kidnapping doesen't work out.  Your friend definitely
> does not want his server in that country.  And child porno is one
> of the few international crimes that virtually all the world's
> governments police forces cooperate on.
>
> Ted
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe@freebsd.org"
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?692c9a9f0809150250s3ea8f99dj43a61211aeaf9118>