RE: [Full-Disclosure] A rather newbie question
From: Schmidt, Michael R. (Michael.Schmidt_at_T-Mobile.com)
Date: 05/02/04
- Previous message: Lee: "Re: [Full-Disclosure] A rather newbie question"
- Maybe in reply to: Schmidt, Michael R.: "[Full-Disclosure] A rather newbie question"
- Next in thread: Ethan Vaughn: "RE: [Full-Disclosure] A rather newbie question"
- Reply: Ethan Vaughn: "RE: [Full-Disclosure] A rather newbie question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Elvedin Trnjanin'" <elvedin@ods.org>, ald2003@users.sourceforge.net Date: Sun, 2 May 2004 09:08:45 -0700
Thanks,
I use ISA server. This is my home network, so I probably have nothing that they would be interested in. I do have two static IP addresses and a DSL line.
-----Original Message-----
From: Elvedin Trnjanin [mailto:elvedin@ods.org]
Sent: Sunday, May 02, 2004 7:13 AM
To: ald2003@users.sourceforge.net
Cc: Schmidt, Michael R.; full-disclosure@lists.netsys.com
Subject: RE: [Full-Disclosure] A rather newbie question
I would suggest not scanning systems you do not own, aren't currently
being attacked by or any such thing like it. Instead of complaining to
your ISP, find the abuse contact for that IP address/hostname and contact
that person since he would be more willing to help rather than your ISP.
Here's an example for one of those IP addresses:
http://www.dnsstuff.com/tools/whois.ch?ip=!NET-63-71-49-0-1&server=whois.arin.net
OrgAbuseHandle: ABUSE3-ARIN
OrgAbuseName: abuse
OrgAbusePhone: +1-800-900-0241
OrgAbuseEmail: abuse-mail@mci.com
You can search for more under "Abuse Lookup" at http://www.dnsstuff.com
Also, could you share what this "default rule" is? On my firewalls, it's
the system settings rule such as blocking the "Remote Management" port or
ping replies. If your rule is similar to this, you're just wasting
everyones time.
>> If someone could take a quick look through my log file - it is
>> very simple and shows a bazillion requests that are being bounced
>> off my firewall. I would really appreciate it. My ISP didn't
>> care and didn't respond when I let him know about all this
>> traffic that was wasting MY bandwidth. And then they were upset
>
> if the isp does not care about people wasting your bandwidth pay your isp
> less by the cost of the amount of bandwidth consumed by the attacks
> estimate on the extravagent side accompined by a request to null route
> this ip address at a minimum. get your lawyer to talk to them if then do
> not respond!
>
>
>> when I nmapped back to a few addresses and hit some upstream
>> providers router - oh well, live and learn. They told me they
>> would terminate my contract if I kept that up. Hey I was just
>> trying to find out who the freaks were that are constantly
>> attacking MY network.
>
> that sure got their attention! just keep this up but after informing the
> isp that if they cannot protect your network then you would have to take
> active steps to protect your network which includes all the network
> scanning and namapping etc
>
>
> -best of luck in dealing with the isp
> aditya
>
>
> ________________________________________________________________________
> Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
-- Elvedin Trnjanin elvedin@ods.org http://www.ods.org - ODS.org Team _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Lee: "Re: [Full-Disclosure] A rather newbie question"
- Maybe in reply to: Schmidt, Michael R.: "[Full-Disclosure] A rather newbie question"
- Next in thread: Ethan Vaughn: "RE: [Full-Disclosure] A rather newbie question"
- Reply: Ethan Vaughn: "RE: [Full-Disclosure] A rather newbie question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
