Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Template Admin Notification

From: Tim <timv2000 () YAHOO COM>
Date: Thu, 25 Jan 2001 06:47:20 -0800
IMHO, If you're really serious about helping stop whoever is attacking
you, rather than ckecking the "I tried to contact them" box, you should be
using other than e-mail to contact someone who's host sends malicious
traffic at your site.

1.  You are most likely seeing traffic from a compromised system.

2.  If you suspect that the system is compromised, whoever compromised the
system may see or intercept your email message giving them ample
opportunity to clean up after themselves.

3.  Even if whois doesn't have a phone number, it only takes about 2 more
minutes to find one.

4.  The fact that you took the time to call sends the message that this
matters to you, and that you care about your system's security far more
strongly than a form letter.

Tim

-----Original Message-----
From: Alfred Huger [mailto:ah () SECURITYFOCUS COM]
Sent: Wednesday, January 24, 2001 8:10 AM
Subject: Template Admin Notification


Does anyone on the list have a default template email they use to notify
admins of attacks from their networks?

I would be interested in seeing them posted to the list (or to myself
directly if that's not possible).

Cheers,
-al

"Vae Victis"
SecurityFocus.com

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - Buy the things you want at great prices.
http://auctions.yahoo.com/
Previous By Date Next
Previous By Thread Next

Current thread: