Recently Brian Krebs wrote an article that mentioned a disturbing fact …

There is no “notice and takedown” law specifically requiring ISPs and Web hosts to police their networks for sites that may serve malicious software.

Well, there should be! I know not much can be done about foreign ISPs; however, the majority of them do have offices in other countries or run their traffic through other networks. Failure to act in a timely fashion not only harms the end user, it also generates mistrust in the safety of the Internet itself.

A good example of this is ddl-help(dot)info ( which also hosts several other sites.

What is disturbing is the fact that F-Secure reported this site in 2005!

We have reported the abuse to the ISP hosting the website.

Yet the malicious files still exist today … Sophos has had a detection since 7 March 2005, so the ISP (AASYS.BIZ) cannot claim it didn’t know or wasn’t notified. They should act within 48 hours, or the reporting authority should be able to file a complaint and some kind of sanction should be imposed on the offending ISP.

It’s not just that one site that is malicious either, and there is no excuse for these to still exist …

  1. I would imagine that there is a line some ISPs do not want to cross when dealing with paying customers and the content they serve, no matter how morally/ethically reprehensible the content may be.

  2. Yes, you are right that there is a line that some ISPs do not want to cross when it comes to paying customers. It’s all about business and money after all, which is a bit sad.

