|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Proper ISP Reporting
From: Leif Ericksen (leife
dls.net)
Date: Thu Aug 18 2005 - 19:20:50 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On top of all that have patience. I work for a large ISP and there is
sometimes is a bureaucratic channel that must be followed that can delay
the response time that you are going to get.
--L
On Wed, 2005-08-17 at 08:20 +0100, Brandon Butterworth wrote:
> > ie. What format the email should be in, sample phrases, or
> > sentences that might help.
>
> Keep it neutral, simple and informative.
>
> Don't threaten or tell them how evil they are, you want their
> cooperation
>
> Only tell them about things they can do something about
>
> Include all evidence, don't anonymise it.
>
> If you don't understand the evidence research it first,
> it may not be their fault. Ask the vendor of whatver tool
> reported the problem - you paid them not the ISP so they should
> be your first call.
>
> > I've been doing this for a while and while some work, some have
> > not. Im wondering if anyone has examples.
>
> We get lots from people running scripts automatically. Almost
> all are a waste of our time and may cause us to miss a genuine
> report.
>
> Common useless reports include -
>
> Reporting 419s or spam that refer to our web sites or include our
> domains/ip addresses as strings in the headers. The 419ers are dumb
> enough to send the same scams to us so we don't need you to tell
> us what they sent you.
>
> Reporting viruses we didn't send - doubly annoying to those of us not
> running commonly susceptible systems, we get the virus anyway from
> people forwarding or bouncing them to us. If your AV system doesn't
> know a virus forges the sender then get a new one as it's broken,
> if it emails a forged sender then disable all email to third
> parties as your reports will be still be ignored should you eventually
> get a proper one.
>
> Reporting our web site/dns server/streaming media server
> dossed you with 3 packets, is trying to take over your computer,
> probed your firewall, invaded your privacy.
>
> regards,
> brandon
--
Leif Ericksen <leifedls.net>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]