mailing list archives
From: Marshall Eubanks <tme () 21rst-century com>
Date: Tue, 24 Oct 2000 10:34:35 -0400
Valdis.Kletnieks () vt edu wrote:
On Tue, 24 Oct 2000 09:53:16 EDT, Marshall Eubanks <tme () 21rst-century com> said:
Are you really saying that if I tell you that a dial-up user on your network
hacked into my system at some precise time, from a precise IP address
(so that you could probably tell easily which user did it), and did so
in a fashion
which suggested an automated "script kiddie" effort, I should only
expect a response from you if I PAY for it ?!?
Umm... would you be satisfied with a "We've referred it to the appropriate
At least here, and probably many other universities, we're stuck not being
able to say much more than that due to student confidentiality rules...
Yes, we take action. No, we usually can't say what we did.
Operating Systems Analyst
Sure, even a one-liner would generally be enough. If you receive no
response, you assume that you are being ignored. (People with a lot more
experience in this than I have have told me that having such reports
ignored is indeed the norm.)
It takes work to identify as much as you can about an attack and send it
to the source ISP (or whoever). If they consistently receive no response,
most people will eventually stop doing this work. I think that most
recognize that, many times, such reports won't lead to any specific
results - the ISP
at the other end also has to prioritize their time. But if they aren't made,
how can these people ever be nailed ?
Multicast Technologies, Inc.
10301 Democracy Lane, Suite 201
Fairfax, Virginia 22030
Phone : 703-293-9624 Fax : 703-293-9609
e-mail : tme () on-the-i com http://www.on-the-i.com