Re: Reporting malicious people?

[TAS <p0wnsauc3 () gmail com>]

I am not sure if there is some written protocol or guideline to
reports incidents. But however, if you are keen on reporting incidents
then you could try reporting incidents on hxxp://www.phishtank.com/ .
You can enumerate the DNS info of the ISP to whom the IP address range
belongs to and report the incident on the email address mentioned
there. Usually it is abuse () ISPNAME com . Also most of the ISP's have a
descent ticketing system where you can simply log a ticket with
certain priority and wait for them to react to it. Yahoo!, BigDaddy
etc have forms that you need to submit for them to react to. They are
prompt most of the time. The key here is the right contact email.

A very good resource for the right email address is hxxp://abuse.net.

Hope that helps

-
TAS
hxxp://twitter.com/p0wnsauc3



On 1 November 2010 18:46, ichib0d crane <themadichib0d () gmail com> wrote:
> I was curious as to what would be the most effective way to report
> malicious activity from remote attackers. Who I should contact and
> what not. I've tried contacting the ISP of the originating IP but that
> seems to rarely work, or even elicit a response most of time.
>
> Heres a kicker to, it's quite often that after investigating malicious
> activity that I find a lot more personal detail's that skiddies and
> phishers would prefer I didn't have. Who would I give this info to,
> and how to contact them?
>
> For example, I browsed my spam folder recently and found a simple
> nigerian scam. I pulled the simple 'hackers dont fall for this' ploy
> (and no, I really don't care if the label applies or not, its just
> useful if they think so) and I have the guy immediately eating out of
> my hands, thinking im ACTUALLY going to be a business partner. I lied
> my way out of handing out contact info and instead elicited HIS
> contact information. I've got a number,(possible) name, his home
> country, IP + ISP. If I scrounge up change for a pay phone I can
> probably get even more concrete details. But I have no clue what to
> actually DO with any of this information, and I rather NOT just leave
> this guy alone on his merry scamming ways :)
>
> Any advice would be appreciated!
>
> Gage Bystrom
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------