New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
What kinds of Abuse reports does a Web host generally get?
Hi
I was going through few threads here which had mention about Abuse reports, DMCA, Email SPAM, Copyright infringements, etc. But none exactly describe "abuse" as in what sense.
So, I was wondering what kind of "abuse" reports does a web host generally get (leaving aside DMCA, Email SPAM, Copyright, Phishing)
Any link to "kinds of abuse people report" will also do.
Comments
According to what I see here (I'm not a provider), spam and cpu abuse is one of them, and mostly because the server was hacked.
EDIT2: And when the host is the abuser, they are dog rapists.
@imok Not sure he means internal reports and the like, I think he means people complaining to them about abuse on their networks.
Anything from email spam to bruteforce and CP
tittyfish and bad mental hygiene
I meant what type of complaints people send to a web host under the title "abuse reports" to abuse contact email addresses. I'm aware of few kinds that I read here: UCE spam, IP infringements, etc.
Bogus/Fake/Incomplete DCMA takedowns of content
Hentai (loli porns. smh...)
Copy Righted Materials
I would also imagine they would get reports on unlicensed/nulled software the client is running.
Spam, spam, spam, DMCA, spam, spam, Sony PSN hacking attempts, spam, spam, spam
Spam, Bruteforce, DMCA, Spamhaus, Phishing, German Authorities, SpamCop,
And phone calls from German Authorities, K11
asking if we received their letter, German BKA, Lawyers, Netcraft and so on.
Anything can happen. I can't list everything, list would go too long
BitNinja reports - your interwebz has started WW3, kindly sign up to us thanking you.
"spam" as in customers asking silly questions listed in the KB or can be searched on Google?
Mass email sending.
Running free hosting service, despite crap ton of manual verification, one or two will skip the line.
Here is by the order:
Phishing
Spamming
Child porn (mostly hentai/Loli crap)
Failed DMCA
How do you prevent spamers ?
You have to let them in, burn an IP, ask the support to change their IP then ban them?
No way to block/discourage them?
Setup outgoing limits
Monitor usage
Trust Maxmind/FraudLab etc.
If you want to be tough,
Ask for ID verification, super strict TOS with collectable fees.
Just out of curiosity, if a company hosts a client and they have illegal content (spam/disgusting stuff), and they suspend/terminate them immediately upon finding out, is the host responsible legally?
Doesn't work with unmanaged servers unless you're DPIing customer traffic.
Does literally nothing against spam.
Customers with black hat demands generally know their way around these systems.
Works pretty decent on shared hosting. Specially when you have user with crapton of emails going out and bouncing back.
Fends off the basic ones. Something is better than nothing.
Totally.
These are all that just prevents a little. Nothing is perfect
You don't need inspect packet contents (DPI) in order to detect most forms of DoS, attempted amplification attacks, bruteforce attacks; detect and/or rate limit spam at a virtualization host or network level. Packet headers are sufficient.
Copyright infringement via torrents is the one that easily slips by.
Sorry, I should've clarified, I was talking specifically about spam detection. As far as I'm aware, one of the only ways is looking into packet contents on port 25/tcp and looking for "MAIL FROM" or similar
A hashtable of 25/tcp and source ip is fine for rate limiting, no need to inspect contents. I would even suggest that it is best not inspecting contents even if beneficial for spam filtering purposes, as unless your customers opted in to outbound filtering, the contents of the packet may be off limits even for automatic analysis in certain jurisdictions (e.g. Likely the EU)