advise on network security report
sean at donelan.com
Wed Nov 1 22:45:36 UTC 2006
Hint, hint, hint. When the abuse and security folks at ISPs give
suggestions on how to best work with them, its sometimes a good idea
to listen. If you just want to shout "You Suck" at them, please have
a seat in the waiting room and someone will be with you later, possibly
before the heat death of the universe. If you pay an ISP enough money,
you're paying for the right to shout You Suck at progressively higher
ISP security and abuse folks generally know how bad the problems are. That
isn't useful to getting their jobs done. They usually have better
information about how bad it is than most third-parties.
ISP security and abuse teams already receive reports from almost every
group in existence. After they process the high priority work, e.g. court
orders from countries around the world, reports from customers, etc;
figuring out how to make the security and abuse teams lives easier is
the key to getting your complaints to the top of the pile. Rankings of
other ISPs doesn't change their workload.
Although every ISP security and abuse group is different, I think most of
them have their favorite third-party sources. Listening to why they
like using particular resources over other third-party resources could
help make your third-party resource more relevant to their work.
"You Suck" doesn't help them get home any earlier.
More information about the NANOG