incrediBILL - 1:17 am on May 6, 2008 (gmt 0)

Why should a unique domain name be required simply so I can ssh without knowing my home machine's IP?

Actually, forget getting your own unique domain name because just requiring a small payment for annual forwarding will slow the bot herders down.

Here's a middle ground solution, legit customers with a domain name use my-home-computer.paid.example.com and everything from .paid.example.com is allowed.

Just whack anything unpaid.

Then the bot herder panics, starts using stolen credit cards to pay for these services which result in a massive amount of chargebacks from defrauded card holders.

The massive chargebacks will cause Visa or MC to cancel the DNS service's payment processing account due to all the fraud and it's out of business, problem solved.

Let nature take it's course and all will work out in the end!

The providers themselves, however, have a great deal of responsibility in terms of their signup process, which clearly needs to be tightened up considerably.

Understatement of the decade. ;)

Trust me, if the ISPs suddenly block millions of people from their servers they'll wake up and tighten security.

However, I do think it will require a big sledgehammer approach just like it required to stop open relay SMTPs because the status quo will continue unchanged until someone radically changes the playing field.

[edited by: incrediBILL at 1:20 am (utc) on May 6, 2008]