|
Security Incidents
mailing list archives
Re: big increase in ftp scanning
From: Florian Weimer <Florian.Weimer () RUS UNI-STUTTGART DE>
Date: Tue, 14 Nov 2000 10:40:00 +0100
Jan Muenther <jan () RADIO HUNDERT6 DE> writes:
Here in germany there are also some legal problems which sometimes
prevent identifying who was doing the scans. An ISP is only allowed to
keep his logs of who had which IP address at which time as long as he
needs it to bill the customer. At T-Online this is typically up to 4
or 6 weeks, so if you report an incident later, it is not possible for
T-Online to identify the customer.
According to the TKG (Telekommunikationsgesetz -
telecommunications act) every ISP has to keep the customer's
connection logs for 100 days and after that has to delete the
entries.
This time period was recently extended to six months, I think.
Strictly speaking, however, logging is only permitted for billing
purposes here in Germany. Of course, in practice, this is handled
differently...
--
Florian Weimer Florian.Weimer () RUS Uni-Stuttgart DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
 By Date 
By Thread
Current thread:
Re: big increase in ftp scanning Greg Owen (Nov 02)
Re: big increase in ftp scanning Dante Mercurio (Nov 05)
Re: big increase in ftp scanning Jason Potopa (Nov 14)
|
Intro
