Re: constant attacks - whom to contact?

On 2006-06-24, E. <bellyup@xxxxxxx> wrote:
Chris Kronberg wrote:

For nearly two months now I see constant attacks by a
certain host in the US. Sending mail to the responsible
persons and providers abuse address didn't change a
things. The attacks continue. The next hop upwards
leads over the ocean to Europe, so it is not likely
that anything is going to happen here.
Is there any official address where people can turn
to, when a provider doesn't react? After all there is
a good chance that the host in question is compromised.

Sure, I can set a filter on my side to block the traffic
but that does not solve the initial problem.

Could you post logs or a data capture of the attack?

If I wanted to disclose the details I've had already
done so. The provider in question has a hard struggle
to get back a somewhat good reputation after some really
nasty spam problems. As a matter of fact there was only
one complaint in the public in the last 12 months. Unless
that provider proves to be back on the rogue side I will
not badmouth him more than necessary. ;-) Public disclosure
is the last refuge I want to take.

Anyhow, the problems seems to have been solved finally.
Some providers seem to be veeeeerryyyyy slow.

Bear in mind if you are sending PFW logs or router logs to someone as a
complaint they will just laugh and hit delete.

Sure. I would not laugh but hit delete anyway in that case.

If it is a compromised host sending out the scans try and put them on a
compromised host blacklist. That *may* get their attention.

That is a way to go. Thank you, I'll note that for the
future. :-)

Cheers,

Chris.

.

Relevant Pages

  • Re: [OT] msbsos password recovery
    ... there must be some process to reaccess the resource if it is yours. ... be using hosting provider. ... butt and chose current host. ... linux and get a new remote host that is a linux system host. ...
    (Fedora)
  • Re: Need help with new web site
    ... Provider Whois...: whois.bluehost.com ... something other than FPSE. ... My host has ultra-mail installed in the ... configured to allow for the form handler to work. ...
    (microsoft.public.publisher.webdesign)
  • Re: Is this server, client or jet engine problem?
    ... > Microsoft OLE DB Provider for ODBC Drivers error '80040e4d' ... > I contacted my host and they said that it was because too many users ... Try switching to the native Jet OLEDB provider rather than the obsolete ODBC ... Please reply to the newsgroup. ...
    (microsoft.public.inetserver.asp.db)
  • Re: G3 web server
    ... This will work ok for most personal web sites, but bear in mind your agreement with the provider almost certainly says that you will not run public external services. ... The "A" in ADSL means that your ability to send stuff down the pipe to others is slower than stuff coming up to you, so you will find the connection swamps out quickly. ... That all being said, I host a few sites on a DSL line which works just fine. ...
    (comp.sys.mac.apps)
  • Code for FTP in FP Form Button?
    ... provider. ... Visitor presses button A to download a “White Paper” to read about new ... Visitor fills out a registration form to join a beta program for new ... One of the host providers suggested that I visit, ...
    (microsoft.public.frontpage.programming)