nanog mailing list archives

Re: How do you handle client contact for network abuse/malware compaints etc.?

From: "Chris Kuethe" <chris.kuethe () gmail com>
Date: Wed, 1 Mar 2006 16:11:38 -0700


On 3/1/06, Nicole Harrington <nmh () daemontech com> wrote:
...

 In short, how much information do you pass on to support yourself and when.


We've found that a simple "we've received complaints about you and
your machine. Go here (symantec, fsecure, windowsupdate, etc) and
patch your machine."  works pretty well. By and large, everyone
replies back with "yeah, I was missing X, Y, and Z patches" or "I
found such-and-such virus and disinfected it".

Maybe one in a few thousand asks for logs. When the user asks for
logs, we're pretty forthcoming with them. They might just have the
same info in their windows/norton/whatever logs already.

In short, we tell them they have a problem, give them the tools to fix
it, and if asked will show them the complaint, but usually that buck
stops with us.

CK

--
GDB has a 'break' feature; why doesn't it have 'fix' too?

Current thread:

How do you handle client contact for network abuse/malware compaints etc.? Nicole Harrington (Mar 01)
- Re: How do you handle client contact for network abuse/malware compaints etc.? Chris Kuethe (Mar 01)
- Re: How do you handle client contact for network abuse/malware compaints etc.? Mark Radabaugh (Mar 01)
  - Re: How do you handle client contact for network abuse/malware compaints etc.? chuck goolsbee (Mar 02)