nanog mailing list archives
Re: Automated Network Abuse Reporting
From: Doug Luce <doug () nanog con com>
Date: Mon, 29 Dec 2003 12:00:35 -0500 (EST)
When we get something that looks automated, we send back a reply saying "We received this, if you'd like us to take action, please have a human reply." I've been thinking of instead having them send us a cryptographic hash of their message, saying that we MUST have all such notifications validated. I'd give them the URL to some page that would provide the hash, of course. Doug On Mon, 29 Dec 2003, Joel Jaeggli wrote:
if you automate abuse reporting you can basically assume that the reciver will automate abuse handling. since that has in fact happened as far as i can tell the probably of you automated asbuse replaies ever reaching a human who cares or can do something about it is effecetivly zero. joelja On Mon, 29 Dec 2003, Jason Lixfeld wrote:We're a small company but none the less are inundated with firewall logs reporting numerous attempts to find holes in our network; c'est la vie. Seeing as how we are small, we don't have the resources to go through and send emails off to the abuse departments of each network sourcing the probes. Question is: Has there been development of some sort of intelligent unix land app that can understand Cisco syslog output, find the abuse departments of the sourcing networks and send them off a nice little FYI?-- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja () darkwing uoregon edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
Current thread:
- Automated Network Abuse Reporting Jason Lixfeld (Dec 29)
- Re: Automated Network Abuse Reporting Stephen Miller (Dec 29)
- Re: Automated Network Abuse Reporting Etaoin Shrdlu (Dec 29)
- Re: Automated Network Abuse Reporting Joel Jaeggli (Dec 29)
- Re: Automated Network Abuse Reporting Doug Luce (Dec 29)
- Re: Automated Network Abuse Reporting Brian Bruns (Dec 29)
- Re: Automated Network Abuse Reporting Richard A Steenbergen (Dec 29)
- Re: Automated Network Abuse Reporting Joel Jaeggli (Dec 29)
- Re: Automated Network Abuse Reporting Daniel Medina (Dec 29)
- Re: Automated Network Abuse Reporting Stephen Perciballi (Dec 29)