Security Incidents mailing list archives

RE: Proper ISP Reporting

From: "Lyal Collins" <lyal.collins () key2it com au>
Date: Wed, 17 Aug 2005 14:28:27 +1000

Ive had useful outcomes by:
Sending them an email - include the security@, abuse@, sales@, technical@
and info@ addresses (someone should read it from that list)
Include in the email some log extracts - IP address, dates, times and an
assessment of severity (critical, nuisance value etc) - but not too much -
they only need little detail to identify the miscreants, in my experience.
Thanks them for their time and assistance.
The next issue is how does the service provider react, or if they have a
reaction/incident management process at all....

Lyal

-----Original Message-----
From: Jason Burton [mailto:jab () leximedia net] 
Sent: Wednesday, 17 August 2005 12:02 PM
To: incidents () securityfocus com
Subject: Proper ISP Reporting


Anyone have samples of how to properly report to ISP's regarding abuse?
 
ie. What format the email should be in, sample phrases, or sentences that
might help. I've been doing this for a while and while some work, some have
not. Im wondering if anyone has examples.
 
Thanks
 
Jason Burton
Leximedia LLC
jab () leximedia net

Current thread:

Proper ISP Reporting Jason Burton (Aug 16)
- Re: Proper ISP Reporting chip (Aug 17)
- RE: Proper ISP Reporting Ramki B (Aug 17)
- Re: Proper ISP Reporting Rod Barnhart (Aug 17)
- Re: Proper ISP Reporting Valdis . Kletnieks (Aug 17)
- RE: Proper ISP Reporting Lyal Collins (Aug 17)
- <Possible follow-ups>
- Re: Proper ISP Reporting Brandon Butterworth (Aug 17)
  - Re: Proper ISP Reporting Leif Ericksen (Aug 19)
    - Re: Proper ISP Reporting Valdis . Kletnieks (Aug 22)
- RE: Proper ISP Reporting Lepich, Jesse A Mr GLWACH (Aug 17)
- RE: Proper ISP Reporting McKinley, Jackson (Aug 18)
  - RE: Proper ISP Reporting Scott Fuhriman (Aug 19)
    - Re: Proper ISP Reporting Dennis Willson (Aug 22)
- RE: Proper ISP Reporting Swen Wulf (Aug 19)