Hi guys,

I just had a question, its on an issue, i've been very fortunate so far, and not yet had to tackle, please only providers answer this.

What do you do to clients doing illegal activities? I terminated an account today where the client was attempting to upload warez (i say attempting, because they were caught really fast) and we cancelled their server, gave them a thrashing, wasn't sure what else to do though. What do you guys do? I was tempted to report it officially, but i wasn't sure considering we didn't have any evidence as none of his attempts completed as we caught him rather quickly.

Also, if you report this, whats required? do they take the servers in question?

Thanks :)

i know you said providers only, but may i ask.... how did you catch him/her?

What makes you think he/she was uploading warez in the first place. Surely you can't see what people are uploading (what files) -- was it the amount he/she was transferring? their server that is. or what?

i mean, my servers push out 2mb/second sometimes, but that doesn't mean i'm uploading warez

Besides, if im uploading warez, say from my comp, its going to go at 45k/sec ;) because my cable is slow.

So do you mind telling me how did you even come to the conclusion that this person was doing illegal things

Originally posted by clocker1996
i know you said providers only, but may i ask.... how did you catch him?

What makes you think he/she was uploading warez in the first place. Surely you can't see what people are uploading (what files) -- was it the amount he/she was transferring? their server that is. or what?

i mean, my servers push out 2mb/second sometimes, but that doesn't mean i'm uploading warez

Besides, if im uploading warez, say from my comp, its going to go at 45k/sec ;) because my cable is slow.

So do you mind telling me how did you even come to the conclusion that this person was doing illegal things

Yep, we retain a root password for every server we have, we dont let people change it without giving us a copy, remember we're still a very small company, so right now, this works for us. He requested for a specific port really high up to be opened in the firewall, and i checked to make sure it was open from the outside, connected, got a ftp message, a long long message

so i kinda said "humm, thats a long motd" and noticed something along the lines of "100mbps business connection" "40 gig hdd dump" so i was very suspicious at that time ("i mean what reg server uses that kinda terminology?"). So i logged into the box, looked at disk usage, found it was uh, disappearing quickly, snooped around for the ftpd running on that port, followed its conf over to a general dir and saw some stuff i really didn't like, and shutdown the ports and contacted the user.

He argued it was a "private dedicated server" but i told him take it elsewhere, if i see something wrong, i investigate.

Hope that helped :)

Originally posted by porcupine
Yep, we retain a root password for every server we have, we dont let people change it without giving us a copy, remember we're still a very small company, so right now, this works for us.
What do you do on colocated servers? Certainly, the admins aren't going to give you root to their servers. Also, what happens when a customer changes the pass and forgets to tell you? What if they refuse to give you root due to proprietary content (very legit reason)? (I'm just curious, no biggie).

We've caught a few of these buggers on our shared hosting accounts. Tracked down the user and the directory and removed everything and locked the directory. Fired away a warning message not to use our servers for those kinds of files and the next time we see it we're reporting them and cancelling the account. We log everything from that incident into a file and put it away for any future incidences. Luckily we haven't had any 'seconds' yet. If we do, off to the feds everything goes...

As for dedicated servers and colocation, we don't keep any root passwords unless the customers specifically wants us to have it. We just tell them that if we don't have the root pass on file, we cannot help them with the server should it fail at any time. Some want to give us the pw when it fails, some want to give it to us right away just in case. We don't care either way.

If anyone uses our servers for illegal purposes, we'll find out sooner or later and prosecute (or at the extreme least cooperate with the feds), per our TOS and AUP.

Originally posted by porcupine


Yep, we retain a root password for every server we have, we dont let people change it without giving us a copy, remember we're still a very small company, so right now, this works for us. He requested for a specific port really high up to be opened in the firewall, and i checked to make sure it was open from the outside, connected, got a ftp message, a long long message

so i kinda said "humm, thats a long motd" and noticed something along the lines of "100mbps business connection" "40 gig hdd dump" so i was very suspicious at that time ("i mean what reg server uses that kinda terminology?"). So i logged into the box, looked at disk usage, found it was uh, disappearing quickly, snooped around for the ftpd running on that port, followed its conf over to a general dir and saw some stuff i really didn't like, and shutdown the ports and contacted the user.

He argued it was a "private dedicated server" but i told him take it elsewhere, if i see something wrong, i investigate.

Hope that helped :)

lol what a retard
(him)

he should of just used port 21 for ftp, and erased that long motd, put a normal motd
ya konw?

bu teven then, im sure you would notice a lot of traffic coming every second for hours and hours

eventually you'd find out anyway.

Originally posted by allera

What do you do on colocated servers? Certainly, the admins aren't going to give you root to their servers. Also, what happens when a customer changes the pass and forgets to tell you? What if they refuse to give you root due to proprietary content (very legit reason)? (I'm just curious, no biggie).

We've caught a few of these buggers on our shared hosting accounts. Tracked down the user and the directory and removed everything and locked the directory. Fired away a warning message not to use our servers for those kinds of files and the next time we see it we're reporting them and cancelling the account. We log everything from that incident into a file and put it away for any future incidences. Luckily we haven't had any 'seconds' yet. If we do, off to the feds everything goes...

As for dedicated servers and colocation, we don't keep any root passwords unless the customers specifically wants us to have it. We just tell them that if we don't have the root pass on file, we cannot help them with the server should it fail at any time. Some want to give us the pw when it fails, some want to give it to us right away just in case. We don't care either way.

If anyone uses our servers for illegal purposes, we'll find out sooner or later and prosecute (or at the extreme least cooperate with the feds), per our TOS and AUP.

We actually demand that the customer keeps us updated with a copy of the root password, if they refuse, we state why, if its a huge problem, we dont, but i mean the ftp message was really hard to mis-interperet, nobody within their right minds use those MOTD's with that wording.

Originally posted by porcupine
...but i mean the ftp message was really hard to mis-interperet, nobody within their right minds use those MOTD's with that wording.
I totally agree with ya. :) Stupid people need to stop breeding...

Originally posted by allera

I totally agree with ya. :) Stupid people need to stop breeding...

The darwin awards (thats the one right?) need more sponsoring i suppose (the $1000 cash for families of idiots who kill themselves as a result of sheer stupidity).

i in no way condone what the person did . But im under the impression that with warez and stuff like that , its not a crime until it has caused some monetary damage . I would have let him continued his actions so maybe the feds would have caught him and his leeches in the act .

Originally posted by case
i in no way condone what the person did . But im under the impression that with warez and stuff like that , its not a crime until it has caused some monetary damage . I would have let him continued his actions so maybe the feds would have caught him and his leeches in the act .

.... and if i'd let it continue, i'd be an accomplice to this.

I agree with case, he had a dedicated server with your company. Not to mention who here has never downloaded any so called "warez"?

And I find the people that say the haven't bascially have no access to it. Let the feds deal with it, but we all know they could care less about the next joe running a personal ftp.

I grew up around BBS's and computers, I saw let these people run there FTP's and the Eggdrop bots ;-). The more bandwidth they use the more you make. It's not responsibility to police these people as far I am concerned.

What if the were trading porn, would you also not allow that? Just provide the server and bandwidh your supposed to and let the guy do what he wants..

;-))

im not saying let the people run around doing things that could get yourself in trouble . I was saying let the person continue so the feds could investigate this person , i dont think i did a good job of explaining what i meant , this would involve the feds being interested in what you had to tell them , with all the things going on in the world today , pulling the plug on the person was the probably the best resolution

Originally posted by case
im not saying let the people run around doing things that could get yourself in trouble . I was saying let the person continue so the feds could investigate this person , i dont think i did a good job of explaining what i meant , this would involve the feds being interested in what you had to tell them , with all the things going on in the world today , pulling the plug on the person was the probably the best resolution

That hits back on one of my previous concerns though, loosing money to a fool is bad enough, but i dont need to help put myself out of business, they'd almost surely confiscate the server if that were to happen.

Do you honestly feel the feds were gonna knock on your door? And pirating is so mainstream its not even funny. But I guess if you want to pull the plug, I surely dont have a problem with that ;-)

With too many people trying to alibi and justify to keep the business, I am always gratified to see a fellow host who knows right from wrong and deals directly and swiftly with it. In my opinion, you are to be commended.

in a situtation like this i guess i would call the feds first and give them the ip to the box. Then you cant be held responcible for the warez. then let the fbi use thier tools to track everyone who logs into it. In the meantime continue to keep in contact with the fbi and turn off the account when they tell you to.

Then everyone is happy, you because you got rid of the problem, and the fbi so they could catch another scumbag.

Porcupine,
I believe you did the right thing.

According the the Digital Millennium Copyright Act, ISPs can not be held responsible for policing the content on their webhosting accounts, dedicated servers, or colo accounts. However, they are supposed to react quickly when a copyrighter claims its rights are being violated.
Basically, you are protected from getting in trouble yourself if you have a customer hosting illegal content.

However, because you knew there was illegal content on the boxes, you have no choice but to do something or you can be considered an infringer and can be held liable for contributory infringement

I would say you had no other choice once you found out.


Eric

Originally posted by emoore
Porcupine,
I believe you did the right thing.

According the the Digital Millennium Copyright Act, ISPs can not be held responsible for policing the content on their webhosting accounts, dedicated servers, or colo accounts. However, they are supposed to react quickly when a copyrighter claims its rights are being violated.
Basically, you are protected from getting in trouble yourself if you have a customer hosting illegal content.

However, because you knew there was illegal content on the boxes, you have no choice but to do something or you can be considered an infringer and can be held liable for contributory infringement

I would say you had no other choice once you found out.

Eric

Can you give me a link to that act, i'd actually be very interested in reading it, just as a FYI for myself.

Thanks :)

If they are holding any files such as txt or html [for a warez website] you can try periodic scans with:

fgrep -r 'warez' /home

etc. with simialr keywords.

In our experience with on-line CC Fraud [even quite large amounts] and other illegal Internet matters e.g. warez the FBI couldn't care less, neither could their Internet Branch co-operation with the White Collar Workers no matter how much you hound them to do something. The best thing might be to contact the software developer if you were serious about hard action. They certainly would be interested in prosecuting the user.

Regards,
JS.

From what I've heard, the only developer that really does anything about it is M$...

As a host, the reason you should want warez off your server is that it most likely consumes lots more bandwidth than a legitimate site would.

If there's some kind of moral dilema, or you feel the need to get the government involved in your affairs, perhaps it's time to take a vacation? Just a suggestion. :)

Leave warez dumps up to the universities - they have better pipes anyway :P

I also doubt someone would be using legitimate cash for a dedicated warez dump anyway - I would be more concerned about being frauded against - track down the bastard - wait for the chargeback and break his legs :)

no sane person would run a warez site off a dedicated box that is SIGNED UP WITH THEIR OWN CREDIT CARD..

thats just plain stupid. most likely is a stolen CC that some script kiddie hacked from a unsecure ecommerce site.

so although you think you are going to makes lot of money off this guy, you end up losing when the chargeback gives you a big slap in the face :)

I dont know if you guys are aware of this, but most private ftp's are run on some of the fastest private servers out there. There are plently groups out there that pay there members to courier and release items. Not to mention some of the members of the prominant groups are some of brighest computer people out there.

Goose, anyone who is familiar with the scene knows that ;)

but in this case the ppl running the site are lamers, ppl who need to card servers for a site ;)

and what will you do if customer that has warez ....
is not from USA .... and lives somwhere in let's say china or
eastern europe where warez is still being used on ~90 % computers
even goverments use pirated software
for exaple ~50 software on goverment computers is pirated in Croatia and small users 85% ....


it will be very hard to sue or do anything to them :)

A couple places you can report piracy to are http://www.bsa.org or http://www.spa.org

These are 2 organizations that are mostly comprised of attorneys and will take action as they are on retainer with the large software companies like Microsoft, Oracle, Autodesk, etc..

As for prosecution, the 2 companies above will handle it swiftly as they get a percentage of what damages they can recover.

Piracy is rampant on the net but it has been cracked down quite a bit recently. Large corporatations like MS and Oracle now have huge budgets to combat this and have been known to pay for legal costs the government incurs in a criminal pursuit so that these matters can be resolved quickly.

The best bet with these types is to keep them off of your servers and your network and stay away from them while the big foot of Bill G comes down on them so he can make another 10 or 20 billion.

We promptly terminate any such account. They are not hard to find, either, based on traffic patterns and other identifying information in our logs.

then let the fbi use thier tools to track everyone who logs into it. In the meantime continue to keep in contact with the fbi and turn off the account when they tell you to.

Thats pretty funny. No one cares about a warez server. At the most, they'll get a cease and desist, or the plug pulled by the ISP for an AUP violation.

The only people the BSA cares about are Universities and Companies with large bank accounts.

If I'm mistaken, then please correct me. I'd love to hear about anyone running a warez server (ftp, hotline, http etc...) that got arrested by the FBI.

This is not to say that I'd let clients run a warez server.

I just think people have the wrong idea about warez, that there are actually people investigating jimmie's l33t warez server. I think the FBI is far more concerned about physical piracy of products, bootleg CDs etc... and the BSA is only interested if there is a payoff.

I concur. What about full movies or full albums? what then?

Throw the book at them, anyone you can get your hands on and solve the problem that way. BTW if you listen to me, your asking to goto jail :P

Bleh, most warez now a days goes by hubs (neo-modus and dc++) or p2p apps.

driverdave: I direct you to http://www.cybercrime.gov/ob/OBMain.htm

Originally posted by driverdave
I think the FBI is far more concerned about physical piracy of products, bootleg CDs etc... and the BSA is only interested if there is a payoff.

You can actually burn warez to CD from your hard disk, you know.
:rolleyes:

I think what dave is getting at, is they are after the release groups or people who sell pirate cds as real ones.

Joe Blow downloading the latest albums for himself, they are not too bothered about as it isn't gonna cause an huge impact on their conquest.

James

People actually pay for warez boxes?

What happened to the distro's using 'rooted' boxens?

Weird.

I use to know of one guy who worked for PSINet who had a server hooked up to their backbone.

He was found out and prosecuted.

James

Regardless of the ethics of wether warez is rite or not.

Do you know what sort of kidz warez servers attract ?

You dont get paid for the bandwidth used in dossing, in fact it restricts the amount your other customers can use so you loose money hand over fissed.

Also, if someone wanted to complain about it, how far do they trace the route, they could easily go straight to your upstream provider who inturn dont want the hastle and do something drastic in a worse case scenario.

Believe me, you dont want illegal activity to take place on your network if you can help it, regardless of wether you actually get any incriminating action taken against you, its something that causes you other problems that you could do without!

Good point, 2 tumbs up! :)

I agree with Goose though, If I saw somone uploading warez I would simply turn my back, recheck the credit card, and if it was good, leave it be.

Originally posted by dreamHOBO
I agree with Goose though, If I saw somone uploading warez I would simply turn my back, recheck the credit card, and if it was good, leave it be.

If your ever a network admin and you become the target of a dos attack because of a user like this, you wont be thinking like that ;)

Originally posted by dreamHOBO
I agree with Goose though, If I saw somone uploading warez I would simply turn my back, recheck the credit card, and if it was good, leave it be.

I'd have to say thats a pretty idiotic thing to do.

You could be held 100% liable for the warez on those servers, and charged as if it was your own if you knew it was there, but failed to take any actions whatsoever.

Thats the kind of stupid thing that people do to get shutdown. Look what happened to lightone, they found a user serving child pornography, they asked the user to stop (when they should have outright cancelled his account) then gave the user more warnings but never cancelled him. This is by far much more reckless then that, and an extremely foolish thing to even suggest.

I agree porcupine.
You CANNOT afford to lose your business over these people - so don't cut them slack. If it was just a small amount, ie it isn't on the scale of a warez site then maybe I would warn them to remove it - it depends on the quantity.

James

Absolutely, I think most people here dont get the jist of the ordeal, its alrite turning a blind eye and taking there cash, but there are other consequences beyond law abiding consequences.

People just dont have the time of the day for anyuthing that is going to infringe on there business (i.e. the upstream provider) and its easier for them to blow you away than take any hastle.

Its like letting a known criminal lodge in your house, I guess.

Well, I guess that would be reckless. I would check to see what it was first. Pirated software I would simply delete, Child porn i would report, and anything else I would simply remove and warn, not delete the account and report them.

Bleh, most warez now a days goes by hubs (neo-modus and dc++) or p2p apps.

HAHAHA.

That's like saying the music industry can rest now because Napster is dead.

I agree with the ppl that point out that it is not the moral or legality issue about "warez" but the problems it attracts.....

I used to run a nice small, IRC Network, irc.eliteorbit.net, that we enjoyed to run. We had it up and running for over a year when efnet started being DoS'd to death on a daily basis and the scene needed a new home.... We took on another irc server not knowing they were heavy into the scene and before you knew it we had quadrupled our user base pratically overnight, at the time we thought this was a good thing.
Several months went by and nothing major happened until all the warez and script kiddies started to make us home also. The scene itself might be bright, very intelligent and even peaceful users it is the crowd that eventially follows them that is not.
In less then 3 weeks we were DoS'd so hard and for so long we had to shutdown the network. Almost 1 1/2 years worth of work down the tube because of the kind of ppl that follow the scene and warez.
To me the moral or legality issues are mute, if you allow it to stay on your box you wont have to worry about either for long at all, the script kiddies will make sure of that. :)

Just my opinion, millage may vary.

Almost 1 1/2 years worth of work down the tube because of the kind of ppl that follow the scene and warez.

I doubt it's the "warez scene", considering most of them can't extract rar files.

Oh so nieve ....

Originally posted by jayjay


I doubt it's the "warez scene", considering most of them can't extract rar files.

It's not the people who follow the warez scene that get servers killed, it's stupid warez kiddies. When i see a warez kiddie flooding a channel off 50 wingates going "/join #warez on irc.blahblahblah.net", ircops powerless to stop the wingates, warez kiddie just scans for more, and the ircd is hosted on a 2mbps line (which is typical i find), it doesen't surprise me that out of the thousands of peoples conversations they stop, one of the people does everyone in there the favor and just kills their ircd, spam stops immediatly.

It's not the script kiddies that hang out in the warez channels, it's the idiot warez monkeys that spam that get ircd's DoS'ed typically from what i see.

Originally posted by porcupine
It's not the people who follow the warez scene that get servers killed, it's stupid warez kiddies. When i see a warez kiddie flooding a channel off 50 wingates going "/join #warez on irc.blahblahblah.net", ircops powerless to stop the wingates, warez kiddie just scans for more, and the ircd is hosted on a 2mbps line (which is typical i find), it doesen't surprise me that out of the thousands of peoples conversations they stop, one of the people does everyone in there the favor and just kills their ircd, spam stops immediatly.

It's not the script kiddies that hang out in the warez channels, it's the idiot warez monkeys that spam that get ircd's DoS'ed typically from what i see.

Powerless to stop the wingates? First off you could be running Blitzed Open Proxy Monitor (BOPM) from www.blitzed.org. Scans for open wingates, port 80 and 8080 proxies, open ciscos, and more. Second, the channel with the flood bots could simply be set to +m to halt all conversaions from non voiced or oped users. Bam, problem solved. IRcops aren't powerless to stop attacks, they just need to know how to.


EDIT: And actually it is not the "warez monkeys" responsible for these floods. The vast majority of "Warez monkeys" lack the know-how of launching advertising flood bots or DDoS attacks. It's IS, however, the script kiddies, who download IRC scripts made to load insecure proxies. But these are highly ineffective these days, due to advances in insecure proxy scaning from BOPM and Operserv services.

Floodworld flood monitoring services are another tool commonly used to stop attacks. The Floodworld bot will automatically autokill any spam bots repeating the same phrase over and over again in a channel. I've seen these work with over 300 bots flooding at one time. Powerless? I don't think so.

Originally posted by mushrew
Floodworld flood monitoring services are another tool commonly used to stop attacks. The Floodworld bot will automatically autokill any spam bots repeating the same phrase over and over again in a channel. I've seen these work with over 300 bots flooding at one time. Powerless? I don't think so.

lol,

300 bot floodnet on efnet will leave any channel moderated or helpless. Efnet has a ban limit of 20 hostmasks, hence why spammers use wingates, after that, you can't set any more bans. Sentinel is better for detecting floods, spam, etc. but can only ban so many hosts before efnet finds it, and programming scripts to look for creative ways to ban multiple spammers with one hostmask without affecting other users in the channel (when the channel has 200-600 people in it regularly) isn't something anyone has mastered yet unfortunatly.

Regardless, you're still powerless unless you moderate the channel, then that defeats the whole purpose of having a chat channel.

Onething I have noticed in this post, alot of you really under estimate the knowlege and know-how of these ppl. I have met one or two thru the years of being on the internet (since 92') and on irc (since 95') and they are extremely bright (the scene) and intelligent and in my experience are not McDonald burger flipping HighSchool dropouts but IT specialists, Programers (even ones from big corps like MS), and other computer related services. Now the couriers are alot of the time not as computer literate but none the less not dumb, but neither of these groups are stupid enough to flood chans, or DoS servers, they like to stay low key. It is the warez kiddies that like to think they are part of the scene that go into chan's and do mass invites or advertisings with hundreds of zombied cable machines all which are not running opengates. Then you have the script kiddies who like to scan Winblow boxes for unsecure ports and upload zombie trojans that will get you. Try withstanding getting hit with over 600 insecure zombied cable machines for 3 days straight with very little you can do. Upstream providers do not care WHY they only care that it is being done and they will do whatever it takes to protect their other customers.... hence they cut you off.
Not to mention that these script kiddies are getting more intelligent (or the scripts they get) because they no longer just attack you, hell you might be under one of the worse attacks you could imagine and never know it directly as they just attack the routers about you.

But if you believe that the scene is not intelligent then you are ignorant of facts, some of the most intelligent ppl I have ever met.

Originally posted by porcupine


lol,

300 bot floodnet on efnet will leave any channel moderated or helpless. Efnet has a ban limit of 20 hostmasks, hence why spammers use wingates, after that, you can't set any more bans. Sentinel is better for detecting floods, spam, etc. but can only ban so many hosts before efnet finds it, and programming scripts to look for creative ways to ban multiple spammers with one hostmask without affecting other users in the channel (when the channel has 200-600 people in it regularly) isn't something anyone has mastered yet unfortunatly.

Regardless, you're still powerless unless you moderate the channel, then that defeats the whole purpose of having a chat channel.

I never refered to EFnet did I? I was talking about what networks CAN do to protect themselves, more specifically in response to porcupine about inabilities to protect networks. Sentinel is good but how many of us actually know that it is a TCL script, what a TCL script IS, or what an eggdrop is? Legitimate channels are not going to be hanging around on EFNet, and thus they would have no such need for this thing...but this is totally off topic now. For a legitimate IRC network, there ARE ways to protect the users and the stability of the network and that was what I was trying to point out, that's it.

Oh so nieve ....

Right. The ones who can do things. You don't know. They have private IRCDs.

Legitimate channels are not going to be hanging around on EFNet, and thus they would have no such need for this thing

I have a dozen legitimate channels on efnet that attract such attention for no reason other then their size. If you run an IRCD it's a totally different reason, and then you've got to be asking yourself, how did the kiddies find you, etc. as it shouldn't be on their "to visit" list unless you've got warez or porn on there.

As for the scene getting smarter, i hardly agree. A few people at the top never change, but on a per capita basis, the scene gets stupider by the minute. Script kiddies are highly UN-intelligent, and thats exactly why they're low end script kiddies, they might as well be monkeys putting together RAM in Kuwait, because they just get a script, learn how to use it, and repeat the process over and over and over (they must play ultima online a lot too hahaha).

If you know anything about scene, warez, and/or script kiddies then you know none of them are the samething.

Scene does not distribute the programs they have couriers to do that and they sure the hell are not the ones advertising "#warez" on ircd's. You are talking about two different kinds of ppl here. If you think the people behind the scene are stupid, that is your opinion and I wont waiste my time convincing you otherwise but you will just show your ignorance in this area.

If you are trying to compare kids that run warez chans and mass advertise about warez to the scene or couriers then you are completely confused, they would never act like that. Warez kiddies are just like script kiddies, they get the programs and think they are big and bad, they have no more of a clue what goes into cracking a program them a script kiddie does hacking.

and as porcupine has stated:

It's not the script kiddies that hang out in the warez channels, it's the idiot warez monkeys that spam that get ircd's DoS'ed typically from what i see.

That is absolutely true, warez kiddies are not directly responsible for the DoS'ing but are in fact indirectly responsible for they goto other networks and spam them with your ircd's addy which pisses off the users on that server, do that to enough servers/chans and you are bound to find someone that is willing to do something about it.

The whole point is this, I know from experience:

scene attracts "warez kiddies" which mass messages other networks which results in DoS attacks. So the end result is still the same, just take a look at efnet.

And for the one that said "scene" wouldnt run chans on non-private server, heh... what do you think efnet is famous for? There hospitality? You can find almost every scene represented there... sure they hide behind bnc's so their ip's are untraceable but heck I do that 90% of the time I am on ircd also :)

If you know anything about scene, warez, and/or script kiddies then you know none of them are the samething.

The smart ones don't go around DoS/DDoSing people.

If you are trying to compare kids that run warez chans and mass advertise about warez to the scene or couriers then you are completely confused, they would never act like that. Warez kiddies are just like script kiddies, they get the programs and think they are big and bad, they have no more of a clue what goes into cracking a program them a script kiddie does hacking.

One word: #xxxpasswords. :) Oh wait.. another word www.accessdiver.com :)

You want to see some script kiddies on EFnet? They aren't in warez related channels. One channel, that's all it is about.

Lamer31337: YO, can someone drop XXX.XXX.XXX.XXX?
31337ski11z: sure.

scene attracts "warez kiddies" which mass messages other networks which results in DoS attacks. So the end result is still the same, just take a look at efnet.

EFnet is basically for XDCC whores. Any serious group who has a serious channel on EFnet is stupid. That follows with your comment that I'm going to quote below. If someone has a channel for your "group" on EFnet. You are stupid. You're not seeing the private IRCDs because you're not on them. Alot of groups have XDCC channels on EFnet, but then have a private IRCD.

And for the one that said "scene" wouldnt run chans on non-private server, heh... what do you think efnet is famous for? There hospitality? You can find almost every scene represented there... sure they hide behind bnc's so their ip's are untraceable but heck I do that 90% of the time I am on ircd also

Sure. I do too. I never IRC from without a BNC or SOCKS5 proxy.
EFnet is famous for XDCC bots, back in the day it could have been otherwise. But people are getting smarter. Didn't you see the big busts that happened last year?

Yep I did, and I still know others who havent.

And your still missing the point, but it is pointless to continue this conversation with you

Scene and script kiddies are about the same as peanut butter and jelly.

But hey we all "know" what we think :)

Lots of script kiddies in the "scene", but also lots of people in the scene. Lots of idiots in each "scene".

Alot of idiots on the internet period, but I can only comment on what I know and have dealt with. I can not comment intelligently on something I have no clue about. Which I again stand, on the ones I have dealt with, they are some of the most intelligent ppl I have met, and some of the nicest.

Btw, on your comment about the busts, they were two years ago and while alot of the scene were worried it did nothing to slow down production of cracked software. You can still find any title you want under the sun.

Shall we just wrap this up to a conclusion ?

IF you run a network full of dedicated servers and allow people to run warez related sites, they will always attract the wrong sort of people, regardless of irc or whatever, there all imaterial, whats write or wrong about irc myths has no bearing on the argument, the only truth is people that run warez sites attract the wrong sort of crowd to your network!

Hell, running irc does too, thats why rackshack wouldnt allow it for so long, and now they do they seem to have magical dossings all the time :-/

I would completely agree to that pillhead, anything related to irc, whether it be eggdrops, bnc's, or ircd's just attrack script kiddies of all ages, shape, and sizes.
This is what my original statement ment to say :)

I only speak the truth my friend, I always do ;)

Originally posted by Vwebcom
I would completely agree to that pillhead, anything related to irc, whether it be eggdrops, bnc's, or ircd's just attrack script kiddies of all ages, shape, and sizes.
This is what my original statement ment to say :)

Just like PillHead said, if the kids find out your are allowing such things soon you will have lots of them, most non-payers, giving you a bad reputation in the biz and most likely getting your grave in this biz set!

Btw, on your comment about the busts, they were two years ago and while alot of the scene were worried it did nothing to slow down production of cracked software. You can still find any title you want under the sun.

Right. But alot of people went more underground. XDCC channels got closed. I can't even get my #sour ftp list. Good thing I got other ways to get those though! I'd be dead without my sour.

The busts, two years ago?

The big string of busts were in december, 7 months ago, it was international, and hundreds, if not thousands of people were arrested, with i believe almost every member of Drink or Die, etc.

I'm not sure how anyone could have missed it as the media was plastered with them for about a week and 90% of the spam on efnet died down :D.

oh! i recall when that the largest group, die or drink was busted!!!
One thing i would say about warez on the network, if i m u, i wouldn't lalow any ILLEGAL files or pirated softwares on my network!!! Although i never mind having them hosting only html and image files!

Actually the busts weren't in the thousands...and very few actually were prosecuted for jail time. Most either got fined or let go.

They were still arrested and had all of their equipment confiscated.

Were you the person who AIM'ed me going "big mistake, i woulda left them on my network"? Because whoever that was was pretty silly.

The point of the matter being in this thread, no host worth his salt will allow such things on his network, and how to deal with such things, this wasn't intended to start a nasty discussion on how intelligent script kiddies are, etc.

No that wasn't me...I have never acted in support of piracy in this thread and plus I don't even know your AIM name.

Edit: I was merely commenting on your statement about the busts.

Im wondering this... *theoretically* speaking if you guys had a BOX in your network, sucking LOTS of bandwidth. ALL connections comming tru SSL and all the data encrypted and password protected. (E-commerce kind of security, something like 256bit encryption)

Theres nothing you can actually claim, even if you suspect, even if the site front page says "Warez is the world, leech it".
Because you cant actually prove it.

Even if warez0rz pay with their own legit CC's theres nothing dangerous about this UNLESS their seciruty fails or their "private" users group gets ratted out, or they allow some newbie sh1t into the group that make everything possible to make it easy for himself to get busted and then gives out the server (or servers) keys.

With this your just tied, you cant kick out this site because it would be UNPROFESSIONAL as you dont have any proof.

Also, making it mandatory for a server to give out the root... working or not... its VERY dangerous, for the customer and you (the ISP).

Imagine "John" runs an ecommerce site in your network, and you have his root, John have a list of credit cards with info and someone hack into John's Box and steal the passwords. Even if John were the most stupid newbie using his Windows 98 box with 10 trojans installed and someone just logged his password, your immediatly also a suspect, because you also had the password.

well, i might be 100% wrong about everything i said, since this is just, theoretically speaking.

In a dedicated environment, the provider retains the right to keep a copy of the root password, should they choose to. In a colocated, this may be different as they do not own the server.

I have never had a dedicated host ask for or require my root pwd, in fact all the ones I have used cautioned me to imediately change it once I logged into the box the first time.