Re: Publishing Nimda Logs

[Luis Pinto <lmpinto () student dei uc pt>]

On Tue, 7 May 2002, Deus, Attonbitus wrote:

>   I have seen a site where people have published the IP of the offending
>   boxes for stuff like Nimda and CR. I am thinking about doing the same
>   thing so that people can either use that information to block the IP's or
>   to do whatever they want for that matter.
>
>   I'm curious to see how other feel about this. Is it:
>
>   1) Recommended. Go for it and publish the IP's and let the "Gods of IP"
>   sort out the damage.

        Yep. Go ahead. Anything that happens to these suckers who had 
months and months to think about it and reinstall it some 150 times in a 
row deserve any bad publicity they can get. And the old adage "there's no 
such thing as bad advertising" is not allways true.


>   2) A Bad Thing. These are innocent victims, and you will just have them be
>   attacked by evil people.

        People with infected servers will almost certainly be warned, if 
not lots of times, at least once. So, as long as they are sitting ducks 
ignoring people's warnings, they are the evil people. We, that have to 
bear with their atacks are the innocent victims.

>   3) Boring. Who cares? It's Nimda, and an everyday part of life. Deal with
>   it and ignore the logs.

        So is muggling, robbing and raping. But we dont have to ignore it.

>   If "1," then I was thinking of going with a "Hall of Shame" and providing
>   ARIN look ups, contacts, and the whole bit. I could even allow other
>   people to post logs there and stuff like that...

        Great idea. If i can help in any way...

-- 
                                         Regards,
                                        Luis Pinto
-----------------------------------------------------------------------
http://student.dei.uc.pt/~lmpinto PHONE: +351-96-2433471 ICQ #15663369
-----------------------------------------------------------------------
Sysadmin (n): The untrained being underpaid for doing the impossible with
the obsolete.