North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Exodus Customer Security

  • From: Steve Noble
  • Date: Wed Nov 18 13:51:19 1998

Hello,

	Lets go through this...

On Wed, Nov 18, 1998 at 08:53:04AM -0500, Adam Rothschild wrote:
> 
> All I want is, when such obvious and widespread abuse is coming from their
> (Exodus's) customers, they step in and do *something* (that something
> being contacting the customer, and severing connectivity if the problems
> do not cease in a reasonable amount of time), rather than just ignoring
> this entirely.  Am I being too idealistic here?

Lets see.. you don't count hours of time put in by the NOC and the Engineering
teams to assemble logs, consult other parts of the company, contact the 
customer and get permission to disconnect his machine doing something?  I'm
trying to figure out exactly what you want, and I'm having a lot of trouble.

Its been VERY clearly stated here that the machine was offline reletivly soon
after the first contact was made to the Exodus NOC, I guess you think this is
magic, the machine simply disconnected itself and the problem resolved?

Exodus will not reveal anything else about this situation, just like they
would not reveal anything else if this had been you, or any other customer
who had been compromized.  If the customer feels the need to comment, that is
fine.

The fact of the matter is, I've been on the other side of WAY TOO MANY attacks
to think that Exodus did nothing.  The sheer number of compromized machines on
the Internet at this time is mind boggling.  I personally easily shut down 10
to 20 machines a week, on my own time, by contacting and educating system 
admins.  But there are machines that have been compromized for months and are
STILL active, now THAT I would call not doing something.

I'm noticing you are not commenting on the other machines that are/were hitting
you, maybe its time to turn to an operational view on these postings and talk
about how well those are/have been handled.  I'd like to see exactly how 
responsive everyone else is, and if you have been able to get machines shut
down in less then 3 hours.

> 
> I guess this is more an issue of NSP policy/responsibility/expectations 
> than of Exodus suckage...


-- 
-------------------------------------------------------------------------------
: Steven Noble / Network Janitor / Be free my soul and leave this world alone :
:   My views = My views != The views of any of my past or present employers   :   
-------------------------------------------------------------------------------