Re: Reporting malicious people?



On Mon, Nov 1, 2010 at 9:16 AM, ichib0d crane <themadichib0d@xxxxxxxxx> wrote:
I was curious as to what would be the most effective way to report
malicious activity from remote attackers. Who I should contact and
what not. I've tried contacting the ISP of the originating IP but that
seems to rarely work, or even elicit a response most of time.
I generally report it to the WHOIS contacts. I never use web forms,
since (1) we have RFC2142, Mailbox Names for Common Services, Roles
and Functions; and (2) I don't agree to any bull shit the company's
lawyers come up with as a term of service.

If WHOIS does not specify abuse@xxxxxxxxxxx, noc@xxxxxxxxxxx,
secure@xxxxxxxxxxx, security@xxxxxxxxxxx, postmaster@xxxxxxxxxxx, and
hostmaster@xxxxxxxxxxx, they also get the email for completeness. See
section 4 and 5 from the RFC. The result: usually nothing.

So I move on to step two: complain to the BBB. Not only do they get
nailed for the hacking attempt, they also get complaints for (1) not
complying with the RFC, and (2) not ignoring their responsibilities
regarding WHOIS contact. The result: the provider usually responds.

If the registrar is an organization like GoDaddy, I usually file a
complaint against them also. Go Daddy is a registrar, and required to
maintain the WHOIS contact information per their ICANN agreement. See
http://www.icann.org/en/topics/whois-services/. The result: yet
another unsatisfied GoDaddy complaint.

[SNIP]

Jeff

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------