Yahoo, Google, Microsoft contact?

• Previous message (by thread): Yahoo, Google, Microsoft contact?
• Next message (by thread): Yahoo, Google, Microsoft contact?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 3 Feb 2006, Richard Cox wrote:

>
> On Fri, 03 Feb 2006 12:42:04 -0500
> Martin Hannigan <hannigan at renesys.com> wrote:
>
> > I'd like to see evidence that there is a problem. For example, don't
> > see why these worm lists couldn't have just gone to the abuse address.
>
> Of course that's the right answer.  IN THEORY.  The practice is rather
> different, and that's WHY the need for some direct contact exists.
>
> I followed through with two large UK ISPs, who had both had the list of
> worm IPs sent to their official abuse address.  In neither case had the
> mail been read or passed on.  A copy to their security specialists was
> appreciated, and resulted in much hurried activity.  No, I'm not going
> to identify who they were; there probably would have been many more ISPs
> in that position if I'd looked further.

you are surprised that a URL in email with little useful explanation was
passed over by their ticketting system? Direct access works for small
cases, or important high value targets... Abusing that with a big list, or
massive oversubscription will just cause it to fail.

If you have a large scale problem, use the accepted large scale problem
bucket: abuse@  don't find some lonely person who spends their personal
time to help you on individual cases or high priority items to abuse with
this... 'use the right tool for the job'.

• Previous message (by thread): Yahoo, Google, Microsoft contact?
• Next message (by thread): Yahoo, Google, Microsoft contact?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]