Dealing with infected users (Re: ICMP traffic increasing on most backbones Re: GLBX ICMP rate limiting

Mike Tancsa mike at sentex.net
Thu Aug 28 21:29:18 UTC 2003


At 01:57 PM 28/08/2003 -0700, Dan Hollis wrote:
>On Thu, 28 Aug 2003, Mike Tancsa wrote:
> > The majority comply and are understanding.
>
>and the rest?

There will always be troublesome customers, but the VAST majority have been 
compliant.  If they don't want to comply with something as reasonable as this, 
they will go to my competitors who will then have to deal with the flood of 
abuse hate mail (I am calling the FBI if you don't fix this), retaliatory 
attacks, black listings etc etc... i.e. they will become a headache for my 
competitors.

Other sites who are large and don't necessarily have the resources to 
immediately find and kill the offending host (with sobig.f the headers will 
often show the NETBIOS name of the sending machine so it's not THAT hard to 
find), we will add local rules to contain them for now until they have 
their IT consultants clean it up.

But like I said before, give your CSRs a script.  Explain to the customer 
how this is in their best interest... Most people are reasonable.  We have 
all talked to people who say things like, "I have had 10 different ISPs and 
none have made me do something like this! I demand.......".... remember to 
ask yourself, why have they gone through 10 different ISPs .....

         ---Mike 



