Dynamic IP log retention = 0?
ross at dillio.net
Thu Mar 12 18:54:33 CDT 2009
Whether Covad chooses to enforce their AUP against port scanning is a
business decision up to them. Again, why worry about things out of your
control, especially when we are talking about port scanning. I would think
people have more pressing issues, guess not.
ross [at] dillio.net
> In message <20090312120816.B668 at egps.egps.com>, "N. Yaakov Ziskind"
>> JC Dill wrote (on Thu, Mar 12, 2009 at 09:02:25AM -0700):
>> > Ross wrote:
>> > There seems to be a big misconception that he asked them to "hand
>> > the info. As I read the OP, he asked Covad to do something about it
>> > and Covad said "we can't do anything about it because we don't have
>> > logs". Here's a quote from the OP:
> The real problem is that Covad claim (second hand) that they can't
> identify the perpetrator(s).
> I've been nudging an operator at Covad about a handful of
> hosts from his DHCP pool that have been attacking -
> relentlessly port scanning - our assets. I've been informed
> by this individual that there's "no way" to determine which
> customer had that address at the times I list in my logs -
> even though these logs are sent within 48 hours of the
> One shouldn't need to have to get the indentities of the perpetrators
> to get AUP enforced. Port scanning is against 99.9% of AUP's.
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the NANOG