Re: Reporting malicious people?

On Mon, Nov 1, 2010 at 9:16 AM, ichib0d crane <themadichib0d@xxxxxxxxx> wrote:
I was curious as to what would be the most effective way to report
malicious activity from remote attackers. Who I should contact and
what not. I've tried contacting the ISP of the originating IP but that
seems to rarely work, or even elicit a response most of time.
I generally report it to the WHOIS contacts. I never use web forms,
since (1) we have RFC2142, Mailbox Names for Common Services, Roles
and Functions; and (2) I don't agree to any bull shit the company's
lawyers come up with as a term of service.

If WHOIS does not specify abuse@xxxxxxxxxxx, noc@xxxxxxxxxxx,
secure@xxxxxxxxxxx, security@xxxxxxxxxxx, postmaster@xxxxxxxxxxx, and
hostmaster@xxxxxxxxxxx, they also get the email for completeness. See
section 4 and 5 from the RFC. The result: usually nothing.

So I move on to step two: complain to the BBB. Not only do they get
nailed for the hacking attempt, they also get complaints for (1) not
complying with the RFC, and (2) not ignoring their responsibilities
regarding WHOIS contact. The result: the provider usually responds.

If the registrar is an organization like GoDaddy, I usually file a
complaint against them also. Go Daddy is a registrar, and required to
maintain the WHOIS contact information per their ICANN agreement. See The result: yet
another unsatisfied GoDaddy complaint.



Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442f727d1

Relevant Pages

  • Re: wierd whois problem
    ... My whois client is /usr/bin/whois, ... Registrar: GO DADDY SOFTWARE, INC. ... Users may consult the sponsoring registrar's Whois database to ...
  • Re: Websites mit Malware?
    ... Ein Ausschnitt aus dem Whois ... Domain Name: BEARSOFNAPLES.COM ... Registrar: TUCOWS INC. ... the Data in VeriSign Global Registry ...
  • Re: Possibly not the most fortunate domain name.....
    ... Whois Server Version 2.0 ... Registrar: TUCOWS INC. ... Users may consult the sponsoring registrar's Whois database to ... Registrar of Record: TUCOWS, INC. ...
  • Re: Domain registrar with clue - recommendations please
    ... >> James Taylor wrote: ... >>> I'm looking for a low cost domain registrar that has a free ... >>> whois contact information to be updated, ... > Good DNS control (very handy when you've forgotten to update ...
  • Re: Preventing WHOIS
    ... now anyone can use whois and he'll find ... Avail yourself of the privacy services offered by your registrar. ... Normally, it is an extra-cost option, maybe $9USD or about 78 Swedish ...