North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Disabling QAZ (was Re: Port 139 scans)

  • From: Travis Pugh
  • Date: Sat Sep 30 11:44:59 2000

I think hosting a DDoS tool or disruptive trojan is a violation of my
AUP.  I've only found one copy on a customer network, but they seem to
respond well to the "run this .reg file and remove this file to clean your
box or we'll pull the plug" email ... it really doesn't seem to be the
ISPs job to clean our customer's machines, but it is our job to enforce
acceptable use policies.  Why not use that, and leave it up to the
customer to comply or not (with the documented penalties for


On Sat, 30 Sep 2000, Jason Slagle wrote:
> What about saying that the port 7759 connection is an attempt to authorize
> a user connecting to your port 139?
> Jason
> ---
> Jason Slagle - CCNA - CCDA
> Network Administrator - Toledo Internet Access - Toledo Ohio
> - [email protected] - [email protected] - WHOIS JS10172
> Version: 3.12 GE d-- s:+ a-- C++ UL+++ P--- L+++ E- W- N+ o-- K- w---
> O M- V PS+ PE+++ Y+ PGP t+ 5 X+ R tv+ b+ DI+ D G e+ h! r++ y+
> ------END GEEK CODE BLOCK------