North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: whois

  • From: Marshall Eubanks
  • Date: Tue Oct 24 10:35:31 2000

[email protected] wrote:
> On Tue, 24 Oct 2000 09:53:16 EDT, Marshall Eubanks <[email protected]>  said:
> > Are you really saying that if I tell you that a dial-up user on your network
> > hacked into my system at some precise time, from a precise IP address
> > (so that you could probably tell easily which user did it), and did so
> > in a fashion
> > which suggested an automated "script kiddie" effort, I should only
> > expect a response from you if I PAY for it ?!?
> Umm... would you be satisfied with a "We've referred it to the appropriate
> people" response?
> At least here, and probably many other universities, we're stuck not being
> able to say much more than that due to student confidentiality rules...
> Yes, we take action.  No, we usually can't say what we did.
> --
>                                 Valdis Kletnieks
>                                 Operating Systems Analyst
>                                 Virginia Tech

Sure, even a one-liner would generally be enough. If you receive no
response, you assume that you are being ignored. (People with a lot more
experience in this than I have have told me that having such reports
ignored is indeed the norm.) 

It takes work to identify as much as you can about an attack and send it
to the source ISP (or whoever). If they consistently receive no response,
most people will eventually stop doing this work. I think that most
recognize that, many times, such reports won't lead to any specific
results - the ISP
at the other end also has to prioritize their time. But if they aren't made,
how can these people ever be nailed ?

                                   Marshall Eubanks

   Multicast Technologies, Inc.
   10301 Democracy Lane, Suite 201
   Fairfax, Virginia 22030
   Phone : 703-293-9624          Fax     : 703-293-9609     
   e-mail : [email protected]