Abuse response [Was: RE: Yahoo Mail Update]
Paul Ferguson
fergdawg at netzero.net
Tue Apr 15 04:46:08 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -- "Frank Bulk - iNAME" <frnkblk at iname.com> wrote:
>72 hours to respond to e-mail sent to the abuse account? That's much too
long -- it should be at least a 4 hour response time during business hours,
and for service providers and operators large enough to staff their network
24x7 for other reasons, 4 hour response time all the time.
>
Right. You're dreaming.
As I mentioned in my presentation at NANOG 42 in San Jose, the
biggest barrier we face in shrinking the "time-to-exploit" window
with regards to contacting people responsible for assisting in
mitigating malicious issues is finding someone to actually
respond.
I'd personally jump for joy if I could count on 72 hours, or less.
Unfortunately, most abuse requests/inquiries fall into a black-hole,
or bounce.
Very rarely do I find a helpful individual at the end of an abuse
address, and that is truly unfortunate.
Me, I have pretty much given up on any domain-related avenues, since
they generally end up in disappointment, and found more successes in
going directly to the owners of the IP allocation, and upstream ISP,
a regional/national CERT/CSIRT, or law enforcement.
Mow, this has no bearing on the original subject (which I have now
forgotten what it is -- oh yeah, something about Yahoo! mail), but
it should be additional proof that the Bad Guys know how to
manipulate the system, the system is broken, and the Bad Guys are
now making much more money than we are. :-)
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
wj8DBQFIBDMNq1pz9mNUZTMRAtuVAJ9dP9ptygn/OrEWu7XsrffzorB5NACgz6dg
vGCfQkUgbyB3QMfcR076VO0=
=0fOY
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG
mailing list