North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer
please to not email in html format... yikes! Russ, could you re-mail whatever content you just sent, in plain text? On Tue, Sep 23, 2008 at 11:07 PM, Russell Mitchell <[email protected]> wrote: > MIME-Version: 1.0 > Content-Type: multipart/alternative; boundary="0-593512929-1222225655=:9145" > > --0-593512929-1222225655=:9145 > Content-Type: text/plain; charset=iso-8859-1 > Content-Transfer-Encoding: quoted-printable > > Hello All,=0A=A0=0AIt seems you all missed the memo.=0AAs of about 11PM PST= > Last night 09/22/08, Esthost has been ENTIRELY Shutdown. They no longer ha= > ve ANY Machine on my network.=0A=A0=0AI'm currently starting to monitor som= > e of the public media, such as google, DroneBL, as well as several Anti-Mal= > ware community websites for abuse.=0A=A0=0ABeing that Esthost is now entire= > ly GONE, we should not have any further issues.=0AIn the case that somethin= > g=A0does arise, such as an exploited host, we're currently developing a gam= > e plan for=A0response to=A0the issues.=0ATo make the best effort towards co= > mbatting=A0abuse on our network, here's what I have planned so far for ANY = > Type of abuse:=0AStep 1,=A0Suspend Power to the affected machine.=0AStep 2,= > Call/Email the client whom the affected machine is leased to.=0AStep 3, Al= > low the client=A0the option to=A0investigate the machine further (Nullroute= > access via KVM)=0AStep=A04, Verify the=A0reported content, domain, user, o= > r exploit=A0is patched/eliminated from the machine.=0AStep 5,=A0Remove the = > Nullroute. Allow the machine to return to the network.=0A=A0=0AAny comments= > ? =0A=A0=0AThis is=A0the result of a zero tolerance policy regarding abuse.= > If it's clear that the server owner is the cause of the abusive material e= > tc, the client will then be immediately cancelled. No questions.=A0=0A=0A= > =0AIt seems that this approach will be the best supported by the anti-abuse= > communities, so please let me know your input.=0A=0AThank you for your tim= > e. Have a great day.=0A=A0---=0ARussell Mitchell=0A=0AInterCage, Inc.=0A=0A= > =0A=0A----- Original Message ----=0AFrom: Paul Wall <[email protected]>= > =0ATo: Mark Foo <[email protected]>=0ACc: [email protected]=0ASent: Tues= > day, September 23, 2008 5:46:58 PM=0ASubject: Re: YAY! Re: Atrivo/Intercage= > : NO Upstream depeer=0A=0AHold the rejoicing, Atrivo is back, this time on = > UnitedLayer.=0A=0AI'd contact them, only they seem to change CTOs every mon= > th or two,=0Adoes anybody know who's currently in charge?=0A=0AThank you, a= > nd Drive Slow,=0APaul Wall=0A=0A=0A > --0-593512929-1222225655=:9145 > Content-Type: text/html; charset=us-ascii > > <html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><P>Hello All,</P> > <P> </P> > <P>It seems you all missed the memo.<BR>As of about 11PM PST Last night 09/22/08, Esthost has been ENTIRELY Shutdown. They no longer have ANY Machine on my network.</P> > <P> </P> > <P>I'm currently starting to monitor some of the public media, such as google, DroneBL, as well as several Anti-Malware community websites for abuse.</P> > <P> </P> > <P>Being that Esthost is now entirely GONE, we should not have any further issues.</P> > <P>In the case that something does arise, such as an exploited host, we're currently developing a game plan for response to the issues.</P> > <P>To make the best effort towards combatting abuse on our network, here's what I have planned so far for ANY Type of abuse:</P> > <P>Step 1, Suspend Power to the affected machine.</P> > <P>Step 2, Call/Email the client whom the affected machine is leased to.</P> > <P>Step 3, Allow the client the option to investigate the machine further (Nullroute access via KVM)</P> > <P>Step 4, Verify the reported content, domain, user, or exploit is patched/eliminated from the machine.</P> > <P>Step 5, Remove the Nullroute. Allow the machine to return to the network.</P> > <P> </P> > <P>Any comments? </P> > <P> </P> > <P>This is the result of a zero tolerance policy regarding abuse. If it's clear that the server owner is the cause of the abusive material etc, the client will then be immediately cancelled. No questions. </P> > <DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif"> > <DIV></DIV> > <DIV> </DIV> > <DIV>It seems that this approach will be the best supported by the anti-abuse communities, so please let me know your input.</DIV> > <DIV> </DIV> > <DIV>Thank you for your time. Have a great day.<BR> </DIV>---<BR>Russell Mitchell<BR> > <DIV>InterCage, Inc.<BR></DIV> > <DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif"><BR> > <DIV style="FONT-SIZE: 13px; FONT-FAMILY: arial, helvetica, sans-serif">----- Original Message ----<BR>From: Paul Wall <[email protected]><BR>To: Mark Foo <[email protected]><BR>Cc: [email protected]<BR>Sent: Tuesday, September 23, 2008 5:46:58 PM<BR>Subject: Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer<BR><BR>Hold the rejoicing, Atrivo is back, this time on UnitedLayer.<BR><BR>I'd contact them, only they seem to change CTOs every month or two,<BR>does anybody know who's currently in charge?<BR><BR>Thank you, and Drive Slow,<BR>Paul Wall<BR><BR></DIV></DIV></DIV></div><br> > > </body></html> > --0-593512929-1222225655=:9145-- > > >
|