>Recently we have been scanning our clients for Code Red vulnrability, as >well as other performance and latency scans. This has caused a flood of >angry customers forwarding their personal firewall logs to us, demanding >that the attacks on their computers be stopped. I assume I am not the only >one dealing with this problem. Does anyone have a nice canned response, or >links with information on port scanning and the legalities I can use for >responses to theese inquiries? One has to wonder why you didn't send an e-mail notification to your customers prior to scanning. Then they could have been prepared for the event to show up and could have saved the manpower hours they wasted in researching the cause of the scan. You probably would have saved yourselves at least some of the grief. ~S~ Disclaimer: My own two cents... ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 10:07:35 PDT