2017-01-18

Effective Filtration

T-800 Endoskeleton   
Spammers, hackers, and exploits have proven to be a force with which to reckon. After some 20-odd years of being various nodes on the public domain, it never ceases to amaze me just how ridiculously persistent other persons on other nodes go after some of my assets or try to make me their commodity and "sell" what they "think" they know about me from ostensibly "mining" various details to their customers.

During the interim I have isolated a number of particularly troublesome spots dominated by data centers and several specific networks in particular. The end result has been quite the effective set of filtration devices and brick walls that I cast into the paths of these people for the sheer reason of maintaining the safety of my assets and those of my customers ... oftentimes having to spot trends and trouble brewing prior to it actually hitting my ports full force.

It also surprises me in the cockroach farm consisting of all those spammers out there how some of them hit me with barrages of unsolicited commercial email with no apparent resistance. Whereas the satisfaction of a "reject" notice generates backscatter held against me, the silent "discard" simply looks like a normal transaction to the offending spammer's server. Oh well, all I can do is be happy in the knowledge that they're not getting through regardless of what they may think.

It surprises my customers how quickly I will decline their access for a single security infraction and how quickly I find them out.

So my log crunching, countermeasure scripting, and painstaking due diligence overseeing it all are working out nicely for me — even if I am viewed with disdain by those who would simply like to have their way with me without resistance; which they quickly learn is far from futile.

The mainstream ISPs are major contributors to what was formerly a fringe element network consisting of various diffuse fragments, and some of these guys really need to get a grip. The legislature just wants to tax everything without providing improved services with teeth like spammer and exploit elimination, so the DMZ is precisely that. You get out there and you take your chances, and if you're a skill-less wonder you go for managed services without the frills, and if you have a few skills you throw up your shields at the hint of a problem.

This is where I presently am. Monitoring, firewalling, crunching logs, running countermeasures, upgrading hardware to seek and destroy the various works of all too many bad people running around the internet these days. You'd think that others would care about it too, but they don't appear to be concerned or there would be much more in the way of action regarding these troublesome netizens.

"Old, not obsolete."