On Tue, 7 May 2002, Deus, Attonbitus wrote: > It is truly sad that so many people are still infected with Nimda. There > is a company with my corporate ISP that I have notified 3 times now that > they are attacking other systems. It seems they can't figure out how not > to install Win2k/IIS5.0 while connected to the net. The sad thing is that > this is a computer company. Send a formal complaint to the ISP. It's their responsability as well as soon as you send a formal complaint. Send a formal complaint by snailmail to that company. Let them sign for receipt. Include logging and such and charge them with: - harrasment. - improper usage of you computer facilities. ..... > I have seen a site where people have published the IP of the offending > boxes for stuff like Nimda and CR. I am thinking about doing the same > thing so that people can either use that information to block the IP's or > to do whatever they want for that matter. I display all seen nimda cases for several months now. (http://hvdkooij.xs4all.nl/logging.cms) I als run earlybird so the owner of the IP block that has an offending machine gets one warning per day informing them of their problem. I am under the impression that it has some impact. (Now ISP's and so will learn about infections within a minute after a machine in their netblock starts harrassing me.) Hugo. -- All email send to me is bound to the rules described on my homepage. hvdkooijat_private http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed May 08 2002 - 08:28:02 PDT