lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1989F6F0D512A7428593D724A81986F02390BD@waprdms01.gsm1900.org>
From: Michael.Schmidt at T-Mobile.com (Schmidt, Michael R.)
Subject: A rather newbie question

Thanks,

I use ISA server.  This is my home network, so I probably have nothing that they would be interested in.  I do have two static IP addresses and a DSL line.

-----Original Message-----
From: Elvedin Trnjanin [mailto:elvedin@....org]
Sent: Sunday, May 02, 2004 7:13 AM
To: ald2003@...rs.sourceforge.net
Cc: Schmidt, Michael R.; full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] A rather newbie question

I would suggest not scanning systems you do not own, aren't currently
being attacked by or any such thing like it. Instead of complaining to
your ISP, find the abuse contact for that IP address/hostname and contact
that person since he would be more willing to help rather than your ISP.

Here's an example for one of those IP addresses:
http://www.dnsstuff.com/tools/whois.ch?ip=!NET-63-71-49-0-1&server=whois.arin.net

OrgAbuseHandle: ABUSE3-ARIN
OrgAbuseName:   abuse
OrgAbusePhone:  +1-800-900-0241
OrgAbuseEmail:  abuse-mail@....com

You can search for more under "Abuse Lookup" at http://www.dnsstuff.com

Also, could you share what this "default rule" is? On my firewalls, it's
the system settings rule such as blocking the "Remote Management" port or
ping replies. If your rule is similar to this, you're just wasting
everyones time.

>> If someone could take a quick look through my log file - it is
>> very simple and shows a bazillion requests that are being bounced
>> off my firewall.  I would really appreciate it.  My ISP didn't
>> care and didn't respond when I let him know about all this
>> traffic that was wasting MY bandwidth.  And then they were upset
>
> if the isp does not care about people wasting your bandwidth pay your isp
> less by the cost of the amount of bandwidth consumed by the attacks
> estimate on the extravagent side accompined by a request to null route
> this ip address at a minimum. get your lawyer to talk to them if then do
> not respond!
>
>
>> when I nmapped back to a few addresses and hit some upstream
>> providers router - oh well, live and learn.  They told me they
>> would terminate my contract if I kept that up.  Hey I was just
>> trying to find out who the freaks were that are constantly
>> attacking MY network.
>
> that sure got their attention! just keep this up but after informing the
> isp that if they cannot protect your network then you would have to take
> active steps to protect your network which includes all the network
> scanning and namapping etc
>
>
> -best of luck in dealing with the isp
> aditya
>
>
> ________________________________________________________________________
> Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>


--
Elvedin Trnjanin
elvedin@....org
http://www.ods.org
- ODS.org Team


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ