On Tue, 7 May 2002, Deus, Attonbitus wrote: > > It is truly sad that so many people are still infected with Nimda. There > is a company with my corporate ISP that I have notified 3 times now that > they are attacking other systems. It seems they can't figure out how not > to install Win2k/IIS5.0 while connected to the net. The sad thing is that > this is a computer company. > > I have seen a site where people have published the IP of the offending > boxes for stuff like Nimda and CR. I am thinking about doing the same > thing so that people can either use that information to block the IP's or > to do whatever they want for that matter. > > I'm curious to see how other feel about this. Is it: > > 1) Recommended. Go for it and publish the IP's and let the "Gods of IP" > sort out the damage. > 2) A Bad Thing. These are innocent victims, and you will just have them be > attacked by evil people. > 3) Boring. Who cares? It's Nimda, and an everyday part of life. Deal with > it and ignore the logs. > > If "1," then I was thinking of going with a "Hall of Shame" and providing > ARIN look ups, contacts, and the whole bit. I could even allow other > people to post logs there and stuff like that... > > Input appreciated. The one problem is the ARIN is not up to date. I have tried to get information removed. I was the owner of some IP 8 years ago. They have been infected, remove the virus and get infected again. Every time their system gets messed up I get 30-50 emails telling me my machines are infected and that I need to do something about them. I have not had any control for 8 years over these IPs. I should not be responsible for them. So the ARIN reports are totally bogus. I am sure others may also have this problem. Thanks, -- Boyd Gerber <gerberbat_private> ZENEZ 3748 Valley Forge Road, Magna Utah 84044
This archive was generated by hypermail 2b30 : Wed May 08 2002 - 14:34:50 PDT