> From owner-incidentsSECURITYFOCUS.COM Thu Jan 25 13:18:06 2001
> Approved-By: ahSECURITYFOCUS.COM
> Delivered-To: incidentslists.securityfocus.com
> Delivered-To: INCIDENTSSECURITYFOCUS.COM
> MIME-Version: 1.0
> Content-Type> : > text/plain> ; > charset=us-ascii>
> Date: Thu, 25 Jan 2001 06:47:20 -0800
> Reply-To: Tim <timv2000YAHOO.COM>
> Sender: Incidents Mailing List <INCIDENTSSECURITYFOCUS.COM>
> From: Tim <timv2000YAHOO.COM>
> Subject: Re: Template Admin Notification
> To: INCIDENTSSECURITYFOCUS.COM
> Content-Length: 1336
>
> IMHO, If you're really serious about helping stop whoever is attacking
> you, rather than ckecking the "I tried to contact them" box, you should be
> using other than e-mail to contact someone who's host sends malicious
> traffic at your site.
>
> 1. You are most likely seeing traffic from a compromised system.
>
> 2. If you suspect that the system is compromised, whoever compromised the
> system may see or intercept your email message giving them ample
> opportunity to clean up after themselves.
>
> 3. Even if whois doesn't have a phone number, it only takes about 2 more
> minutes to find one.
>
> 4. The fact that you took the time to call sends the message that this
> matters to you, and that you care about your system's security far more
> strongly than a form letter.
>
> Tim
>

Tim, what do you do when there's:

i) a language barrier?
i.e. traffic originates from <country-whose-language-you-can't-communicate-in>

or

ii) there's a huge difference in time zones?
i.e. Australia and North American Eastern time.

I don't know about you but my boss wouldn't be too pleased about footing
a long distance call to Australia, Singapore, Hong Kong, Japan, Europe, ...

  Irwin

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]