Wait until the phishers catchup with the normal spammers and make the
IP
of their websites move every 10 minutes. Personally I'm surprised it hasn't happened already, certainly it will happen if people get efficient at blocking single IPs.
That's why it's better done at the ISP level.
If they have web caches which transparently proxy everything. (dunno how many isp's still do this). But the URL itself can be blocked rather than the IP.
Carriers shouldn't block IP's IMHO.
Can't ISP's just intercept http traffic destined for phishers' sites (based on url matching, not ip) and display a nice html message to the user how their bank account would have been cleaned out if it hadn't been for their nice friendly isp? :) Certainly blatantly blocking ip's at carrier level is rather nasty. what happens if that IP is a large virtual host server? Replacing content (as above) at least allows you to make it obvious to all users whats happening. -Joel
Simon Allard ihug Limited
P +64 9 962 9827 M +64 21 456 412 E simon.allard(a)staff.ihug.co.nz
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog