Security Incidents mailing list archives
auto-reporting to ISPs
From: bugtraq () NETWORKICE COM (Robert Graham)
Date: Tue, 29 Feb 2000 16:47:44 -0800
Below is an e-mail from a customer who would like to see us add an auto-email feature to our product in order to notify the ISP of the offending hacker. This is pretty funny because we've already seen some complaints by ISPs from such a feature in other products appear on this list over the past couple of days. Could abuse@isp people please send me e-mail: * what is the proper way a product like BlackICE Defender should assist the user in reporting such events? * what should I tell this user about why we haven't put such a simple feature into the product? Thanks, Robert Graham CTO/Network ICE -----Original Message----- From: <namedeleted>@home.com Sent: Friday, February 25, 2000 7:24 AM To: webmaster () networkice com Subject: knowledge base I think your knowledge base is quite well written however on several questions you have said this is a common occurrance by hackers and should not be of concern. If it is common, shouldn't it be referred to someone for some sort of action? A hacker scanning for a trojan is like a kid checking the locks on store doors after dark or a drunk checking his pockets for car keys, maybe not illegal but the next step will be. Consider adding to your fine program a e-mail form where after checking the domain out, a e-mail can be set to the ISP describing the action (and if it did an autolookup with internic then it would be really slick)
Current thread:
- Re: @home: Is *anyone* really home there??? Robert G. Ferrell (Feb 29)
- Complaining to providers (was: @home: Is *anyone* really home there??? Rob Quinn (Mar 02)
- <Possible follow-ups>
- Re: @home: Is *anyone* really home there??? Jason Spence (Feb 29)
- auto-reporting to ISPs Robert Graham (Feb 29)
- Re: auto-reporting to ISPs Jon Lewis (Mar 01)
- Re: auto-reporting to ISPs Network Operations (Mar 02)
- Re: auto-reporting to ISPs Greg A. Woods (Mar 02)
- Re: auto-reporting to ISPs Rasmus Andersson (Mar 02)
- CNET Hackers hit e-commerce site Vincent Lee (Mar 02)
- UDP Probes (?) from port 28432 to 28431 ? Xander Jansen (Mar 04)
- Re: UDP Probes (?) from port 28432 to 28431 ? Alexander Schreiber (Mar 07)
- UDP Probes (?) from port 28432 to 28431 ? Klaus Moeller (Mar 07)
- Re: UDP Probes (?) from port 28432 to 28431 ? Xander Jansen (Mar 09)
- auto-reporting to ISPs Robert Graham (Feb 29)
- Re: CNET Hackers hit e-commerce site Chris Davis (Mar 04)