North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Yahoo, Google, Microsoft contact?
On Fri, 3 Feb 2006, Richard Cox wrote: > > On Fri, 03 Feb 2006 12:42:04 -0500 > Martin Hannigan <[email protected]> wrote: > > > I'd like to see evidence that there is a problem. For example, don't > > see why these worm lists couldn't have just gone to the abuse address. > > Of course that's the right answer. IN THEORY. The practice is rather > different, and that's WHY the need for some direct contact exists. > > I followed through with two large UK ISPs, who had both had the list of > worm IPs sent to their official abuse address. In neither case had the > mail been read or passed on. A copy to their security specialists was > appreciated, and resulted in much hurried activity. No, I'm not going > to identify who they were; there probably would have been many more ISPs > in that position if I'd looked further. you are surprised that a URL in email with little useful explanation was passed over by their ticketting system? Direct access works for small cases, or important high value targets... Abusing that with a big list, or massive oversubscription will just cause it to fail. If you have a large scale problem, use the accepted large scale problem bucket: [email protected] don't find some lonely person who spends their personal time to help you on individual cases or high priority items to abuse with this... 'use the right tool for the job'.
|