Automated Network Abuse Reporting

• Previous message (by thread): Automated Network Abuse Reporting
• Next message (by thread): Automated Network Abuse Reporting
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday, December 29, 2003 11:24 AM [GMT-5=EST], Joel Jaeggli
<joelja at darkwing.uoregon.edu> wrote:

> if you automate abuse reporting you can basically assume that the reciver
> will automate abuse handling. since that has in fact happened as far as i
> can tell the probably of you automated asbuse replaies ever reaching a
> human who cares or can do something about it is effecetivly zero.


Most likely, automated abuse reports will be treated like abuse reports from
users with those lovely software firewalls that whine all the time that their
ISP's nameserver is trying to hack them on port 53 (IE: thrown in with the
rest of the reports in the round filing cabinet on the floor next to the
desk).

I refused to accept automated abuse reports of probes or similar when I was an
ISP netadmin.

Portscans/pingscans/etc are not illegal (and I've seen this sucessfully proven
in court at least once).  They are illegal if you use it to bring down
someone's machine though.

Basically, if I were you, I'd turn your firewall's sensitivity WAY down and
only track events that are obviously attempts to hack.


-- 
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org

The AHBL - http://www.ahbl.org

• Previous message (by thread): Automated Network Abuse Reporting
• Next message (by thread): Automated Network Abuse Reporting
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]