Security Incidents mailing list archives
Re: dos from .kr, plus some classic .kr irresponsibility
From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Tue, 8 Aug 2000 11:08:14 +1200
On Fri, 4 Aug 2000 17:11:42 -0700 Jason Storm <sec () ORGONE NEGATION NET> wrote:
I can forgive people for admin'ing rootable boxes. I can forgive people for letting their boxes be involved in attacks. But what type of clownshow cant even maintain an ARIN contact?
I think you are being unfair, this problem is not restricted to Korea or even Asia in general. I regularly find that contacts in NIC databases are out of date, this goes for US, European and Australasian sites as well as those in Asia. As a rule of thumb I don't bother with NIC contact unless it is a generic (eg. postmaster, or noc) or if the last updated time stamp is less than 12 - 18 months old. I would strongly encourage everyone to change their NIC contact to a generic address that will always be monitored. It is too easy for people to leave and nobody remembers that they were down as the contact for an address block. This happened to us at one time a few years back. While on the topic of ARIN contacts I also wish that ARIN would display a comment line or allow more than one contact. I want to add a comment to our entry along the lines of: "For security or net abuse related matters contact <security () auckland ac nz>" and leave the ordinary contact as 'postmaster'. I also wish that the various NICs would standardize formats etc to make automated, recursive searches of the various databases easier. But then you all know what they say about wishes ;-) Cheers, Russell
Current thread:
- HELO/EHLP attack?. Lic. Rodolfo Gonzalez Gonzalez (Aug 03)
- Re: HELO/EHLP attack?. Ryan Yagatich (Aug 04)
- Re: HELO/EHLP attack?. Valdis Kletnieks (Aug 07)
- Re: HELO/EHLP attack?. Michal Zalewski (Aug 07)
- dos from .kr, plus some classic .kr irresponsibility Jason Storm (Aug 07)
- Re: dos from .kr, plus some classic .kr irresponsibility Russell Fulton (Aug 08)
- Re: dos from .kr, plus some classic .kr irresponsibility Maddy (Aug 09)
- Re: dos from .kr, plus some classic .kr irresponsibility Dan Hollis (Aug 09)
- Re: dos from .kr, plus some classic .kr irresponsibility Jose Nazario (Aug 10)
- Re: dos from .kr, plus some classic .kr irresponsibility Dan Hollis (Aug 10)
- Re: dos from .kr, plus some classic .kr irresponsibility Dan Hollis (Aug 10)
- Re: HELO/EHLP attack?. Ryan Yagatich (Aug 04)
- <Possible follow-ups>
- Re: HELO/EHLP attack?. Michal 'CeFeK' Nazarewicz (Aug 08)