>Recently we have been scanning our clients for Code Red vulnrability, as
>well as other performance and latency scans. This has caused a flood of
>angry customers forwarding their personal firewall logs to us, demanding
>that the attacks on their computers be stopped. I assume I am not the only
>one dealing with this problem. Does anyone have a nice canned response, or
>links with information on port scanning and the legalities I can use for
>responses to theese inquiries?

One has to wonder why you didn't send an e-mail notification to your
customers prior
to scanning. Then they could have been prepared for the event to show up and
could have saved the manpower hours they wasted in researching the cause of
the scan. You probably would have saved yourselves at least some of the
grief.

~S~

Disclaimer: My own two cents...

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]