Home page logo

nanog logo nanog mailing list archives

Re: whois
From: Marshall Eubanks <tme () 21rst-century com>
Date: Tue, 24 Oct 2000 10:34:35 -0400

Valdis.Kletnieks () vt edu wrote:

On Tue, 24 Oct 2000 09:53:16 EDT, Marshall Eubanks <tme () 21rst-century com>  said:
Are you really saying that if I tell you that a dial-up user on your network
hacked into my system at some precise time, from a precise IP address
(so that you could probably tell easily which user did it), and did so
in a fashion
which suggested an automated "script kiddie" effort, I should only
expect a response from you if I PAY for it ?!?

Umm... would you be satisfied with a "We've referred it to the appropriate
people" response?

At least here, and probably many other universities, we're stuck not being
able to say much more than that due to student confidentiality rules...

Yes, we take action.  No, we usually can't say what we did.
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

Sure, even a one-liner would generally be enough. If you receive no
response, you assume that you are being ignored. (People with a lot more
experience in this than I have have told me that having such reports
ignored is indeed the norm.) 

It takes work to identify as much as you can about an attack and send it
to the source ISP (or whoever). If they consistently receive no response,
most people will eventually stop doing this work. I think that most
recognize that, many times, such reports won't lead to any specific
results - the ISP
at the other end also has to prioritize their time. But if they aren't made,
how can these people ever be nailed ?

                                   Marshall Eubanks

   Multicast Technologies, Inc.
   10301 Democracy Lane, Suite 201
   Fairfax, Virginia 22030
   Phone : 703-293-9624          Fax     : 703-293-9609     
   e-mail : tme () on-the-i com     http://www.on-the-i.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]