advise on network security report

Sean Donelan sean at donelan.com
Wed Nov 1 22:45:36 UTC 2006


Hint, hint, hint.  When the abuse and security folks at ISPs give 
suggestions on how to best work with them, its sometimes a good idea
to listen.  If you just want to shout "You Suck" at them, please have
a seat in the waiting room and someone will be with you later, possibly
before the heat death of the universe.  If you pay an ISP enough money,
you're paying for the right to shout You Suck at progressively higher
level executives.

ISP security and abuse folks generally know how bad the problems are. That
isn't useful to getting their jobs done.  They usually have better 
information about how bad it is than most third-parties.

ISP security and abuse teams already receive reports from almost every 
group in existence.  After they process the high priority work, e.g. court 
orders from countries around the world, reports from customers, etc; 
figuring out how to make the security and abuse teams lives easier is
the key to getting your complaints to the top of the pile. Rankings of 
other ISPs doesn't change their workload.

Although every ISP security and abuse group is different, I think most of 
them have their favorite third-party sources.  Listening to why they 
like using particular resources over other third-party resources could
help make your third-party resource more relevant to their work.
"You Suck" doesn't help them get home any earlier.



More information about the NANOG mailing list