|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: What would you tell the White House?
On Sun, 13 Feb 2000, Eric A. Hall wrote: > Ad nauseum. Every week I get probed, hacked on, ping-o-death'd and more, > while every week I send copies of the log to the source' [email protected] > 30% of the time [email protected] is an invalid mailbox that bounces (which is > why I also cc: [email protected]), 60% of the time the message is ignored or not > responded to, and only 10% of the time do I get a response that some > form of action might be taken if they can figure out which user had the > IP address at that moment. Recently called the NOC of a tier1 provider who hadn't responded to my emails about repeated cracking attempts originating from their network. They told me point blank, they bin ALL abuse emails and only act on phone reports. (Whats the point of maintaining an abuse mailbox then? Boggle.) This might seem pretty outrageous to some, yet it is not too different from other tier1 NOCs I have dealt with regarding attacks. Perhaps its time someone did a public audit of how the tier1 NOCs (mis)handle abuse incidents. Since it seems impossible to change company policies until something really negative and really public happens (eg recent DDOS), perhaps this is whats needed. > So, based on my experience, the ISP community isn't taking advantage of > the tools they have to do their own enforcement. It would seem to me > that the first step in saying "we can take care of this ourselves" is to > prove that you're credible. If I were asked, I'd say that the quality of > self-policing to date has been quite miserable. Miserable isn't the word for it. I think there has yet to be a word invented to describe this pathetic state of affairs. -Dan
|