Security Basics mailing list archives
Re: Reporting malicious people?
From: TAS <p0wnsauc3 () gmail com>
Date: Wed, 3 Nov 2010 01:48:32 +0530
I am not sure if there is some written protocol or guideline to reports incidents. But however, if you are keen on reporting incidents then you could try reporting incidents on hxxp://www.phishtank.com/ . You can enumerate the DNS info of the ISP to whom the IP address range belongs to and report the incident on the email address mentioned there. Usually it is abuse () ISPNAME com . Also most of the ISP's have a descent ticketing system where you can simply log a ticket with certain priority and wait for them to react to it. Yahoo!, BigDaddy etc have forms that you need to submit for them to react to. They are prompt most of the time. The key here is the right contact email. A very good resource for the right email address is hxxp://abuse.net. Hope that helps - TAS hxxp://twitter.com/p0wnsauc3 On 1 November 2010 18:46, ichib0d crane <themadichib0d () gmail com> wrote:
I was curious as to what would be the most effective way to report malicious activity from remote attackers. Who I should contact and what not. I've tried contacting the ISP of the originating IP but that seems to rarely work, or even elicit a response most of time. Heres a kicker to, it's quite often that after investigating malicious activity that I find a lot more personal detail's that skiddies and phishers would prefer I didn't have. Who would I give this info to, and how to contact them? For example, I browsed my spam folder recently and found a simple nigerian scam. I pulled the simple 'hackers dont fall for this' ploy (and no, I really don't care if the label applies or not, its just useful if they think so) and I have the guy immediately eating out of my hands, thinking im ACTUALLY going to be a business partner. I lied my way out of handing out contact info and instead elicited HIS contact information. I've got a number,(possible) name, his home country, IP + ISP. If I scrounge up change for a pay phone I can probably get even more concrete details. But I have no clue what to actually DO with any of this information, and I rather NOT just leave this guy alone on his merry scamming ways :) Any advice would be appreciated! Gage Bystrom ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Reporting malicious people? ichib0d crane (Nov 02)
- Re: Reporting malicious people? security (Nov 02)
- Re: Reporting malicious people? Adam Mooz (Nov 02)
- Re: Reporting malicious people? TAS (Nov 02)
- Re: Reporting malicious people? Jeffrey Walton (Nov 02)
- Message not available
- Re: Reporting malicious people? ichib0d crane (Nov 09)
- RE: Reporting malicious people? Brad Bemis (Nov 09)