EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx

Adam McKenna adam-nanog at flounder.net
Fri Oct 26 19:57:55 UTC 2001


I think that Alex's point is that if you want to *really* have a secure
network, you can't do it by sending out automated mails every time a stray
packet hits your network.  That's likely to cause way more annoyance than any
good it could possibly do.

A much more effective way of proceeding would be to have a person looking at
each and every incident, deciding whether it merits a notice to the offending
network, and then sending a personal, non-threatening mail.

--Adam
-- 
Adam McKenna <adam at flounder.net>   | GPG: 17A4 11F7 5E7E C2E7 08AA
http://flounder.net/publickey.html |      38B0 05D0 8BF7 2C6D 110A



More information about the NANOG mailing list