Security Incidents mailing list archives
Re: disinfection tool
From: Homer Wilson Smith <homer () lightlink com>
Date: Mon, 6 Aug 2001 15:43:32 -0400 (EDT)
While someone may decide to do this the more likely scenario is that ISPs will start black holing infected IP addresses the same way they do with SPAM.
Yep. We got one on a DHCP'd IP, they would have to block the whole Class C to get rid of him. How does one easily track down a mac address through a maze of Cisco 1900 switches to find the port number that has the machine on it, if you know the mac address? Doing it by hand is painful. Thanks Homer ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: disinfection tool Mark Ng (Aug 06)
- Re: disinfection tool Alfred Huger (Aug 06)
- RE: disinfection tool Ken Pfeil (Aug 06)
- Re: disinfection tool Homer Wilson Smith (Aug 06)
- Re: disinfection tool Ryan Russell (Aug 06)
- RE: disinfection tool Rob McCauley (Aug 06)
- Re: disinfection tool Alfred Huger (Aug 06)