Re: Interesting Apache logs
From: Alan J. Flavell (flavell@mail.cern.ch)Date: 03/26/02
- Previous message: those who know me have no need of my name: "Re: Interesting Apache logs"
- In reply to: Barry Margolin: "Re: Interesting Apache logs"
- Next in thread: Barry Margolin: "Re: Interesting Apache logs"
- Next in thread: those who know me have no need of my name: "Re: Interesting Apache logs"
- Reply: Barry Margolin: "Re: Interesting Apache logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Alan J. Flavell" <flavell@mail.cern.ch> Date: Tue, 26 Mar 2002 01:00:49 +0100
On Mar 25, Barry Margolin inscribed on the eternal scroll:
> I remember the furor that arose last year when many ISPs started blocking
> port 80 inbound to residential customers, to prevent propagation of Code
> Red and NIMDA. They're damned if they do, damned if they don't.
Sounds as if they hadn't thought-through their AUP beforehand.
> What you should do is report the problem to the Abuse departments of the
> appropriate ISPs.
Who'll then send back an anodyne recorded statement saying they've
passed the victim's details on to their abusive customer and can't
tell you anything more about what happened.
> Then they can track down the customers and tell them to
> fix their systems.
ipchains does a nice job, but I find it works best with large
netblocks. *)
I'm sorry: we (back at the campus - at cern I'm just another user and
it's none of my business what their security scanner gets up to) try
not to wait for victims to complain: known abuses are tested for, and
nipped in the bud. I'm not saying that cases don't slip through, of
course they do, but I'd like to see a more pro-active approach from
other providers.
FYI our network provider tried nearly 500 different ways to get our
mailer to relay spam over the past weekend. If they succeeded, we'll
get a formal notice, and if we fail to attend to it, we'd get shut
down.
And (with my deputy postmaster hat on) I'm all in favour of it.
ttfn
*) please adjust your irony threshold as necessary
- Next message: bsduser: "Re: ICMP Redirect interpretation"
- Previous message: those who know me have no need of my name: "Re: Interesting Apache logs"
- In reply to: Barry Margolin: "Re: Interesting Apache logs"
- Next in thread: Barry Margolin: "Re: Interesting Apache logs"
- Next in thread: those who know me have no need of my name: "Re: Interesting Apache logs"
- Reply: Barry Margolin: "Re: Interesting Apache logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
