North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Security Intelligence [Was: Re: Netblock reassigned from Chile to US ISP...]

  • From: Luke S Crawford
  • Date: Sat Dec 20 08:13:11 2008

"Brandon Galbraith" <[email protected]> writes:
> But it's definitely not cool when my credit card company cuts off my card
> due to "abnormal charges" when I'm abroad and suddenly can't get ahold of
> customer service via their international phone number. Automation in the
> right places works wonders for both convenience and the bottom line. In the
> wrong places, it's a sawed off shotgun pointed at your feet.

Yeah, in this case, I think getting the rules right is the hard part...
I don't think it matters that much if the rules are executed by a level-1
person vs. a script (the script, I think, would be more consistent, 
at least.)    Sure, if you can afford to page someone good to deal with it, 
that's probably an even better answer, assuming they can get to it quickly, 
but that's much more expensive  than just blocking it.   (I imagine the
right approach depends a lot on what you happen to be charging the customers
in question.)  

Even if you do decide to wait around for an [email protected] complaint to take action,
having the IDS logs of the outgoing traffic makes corroberating an abuse 
complaint much easier.  And it's easy enough to email a human instead of 
shutting off a customer automatically.