6

Bulletproof Hosting Providers (BPHS) allow servers containing illegal porn,
malware, organized (cyber)crime, major spam and all this on the WWW?

If Spamhaus can block the entire subnet of such a BPHS why can't the
government? i.e. How can a BPHS combat blocking and tracking?

EDIT: In light of Trend Micro's paper
I found 3 comprehendible methods there: using multilayered VPS with
Nginx reverse proxy is, I must say, feasible. But I didn't understand these two:
1. How can cloudfare function as a whitelisted proxy for a website?
2. What kind of BPHS can afford to move its operations physically every time they are blacklisted?

schroeder
  • 123,438
  • 55
  • 284
  • 319
Manumit
  • 579
  • 1
  • 5
  • 19
  • 1
    Bulletproof hosting providers eventually get shut down, but that takes lots of paperwork and time. Their business is based on that fact. – André Borie Oct 07 '15 at 19:46
  • 2
    First Google hit is about a paper explaining how they stay in business (and other facts): http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/bulletproof-hosting-services-cybercriminal-hideouts-for-lease – schroeder Oct 07 '15 at 19:58
  • Its all the lies. None registar can hold abuses from ICANN and Spamhaus. Cause it's impossible. What about me, I use bpw.sc and I think, their domains are bulletproof. –  Mar 27 '16 at 00:40

2 Answers2

2

Spamhouse can't block subnets at least not a 100% reliable. They can add subnets to their DROP list which can but is not nessecarily followed by every backbone provider. The decission to apply the DROP list is up to the provider.

In most western countries there is a conflict between security and freedom. As a constitutional state they need a legal basis to force someone (Backbone providers in this case) to do something. Implementing a law that provides the ability to censor specific websites or even complete subnets often stands in conflict with the constitution of these states. So its mainly a legal issue and a question of proportionality.

davidb
  • 4,285
  • 3
  • 19
  • 31
  • "but is not nessecarily followed by every backbone provider" Are you referring to e.g. the use of multilayed VPS? – Manumit Oct 07 '15 at 20:59
  • 2
    Do note that Spamhaus doesn't *block* anyone; they publish advisory lists that others may or may not choose to use. – Bob Brown Mar 27 '16 at 02:08
2

There are no bullet proof service providers. There are the ones that sell anonymous services and protect privacy of the owners and they that are used by criminals. If one of those isp is in one country that has no agreement between polices then the origin police has to pay all actions of the destination police and press charges on a court to get authorization for disclosing the owners of the servers.

As in any law abiding country any isp only gives information with a court order. And yes USA court order is not valid outside the USA...

So this makes sometimes the path to close those systems very hard and painfull...$$$

You can't block the on the other hand because in those systems there are also valid business and legal, blocking those business without a specific court order would violate the policy of most companies and also the rules and Internatal laws that many countries have to follow. It might cause isp to lose business Value or customers to another that does not sensurship Trafic.

The impact of blocking spam is almost 0 but the impact of blocking Google for example might make them lose millions...

That risk they are not willing to take.

Hugo
  • 1,701
  • 11
  • 12