> At the very least, they do have your billing address ;-). > > I send about 1000+ notifications a day from DShield. Sure, > most of them trigger autoreplies. But I find, that some > ISPs do appear to takes some action. (scans stop... maybe > they just change the IP of the scanner). > > I usually get better responses from smaller ISPs and Universities. > Non-auto responses from large ISPs are an exception. I believe there is only one way to stop the Nimda and other similar viruses - to stop them on all firewalls (Cisco can do that for example) on transit. And write autocomplainer (as i did and do) which will notify ISPs about the activity. This can be useful for them. -- Pavel Cheif Information Security Officer
This archive was generated by hypermail 2b30 : Wed May 08 2002 - 13:10:40 PDT