Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Publishing Nimda Logs

From: "Matt Andreko" <mandreko () ori net>
Date: Tue, 7 May 2002 16:24:44 -0500

I work for an ISP.  I can not speak for all ISPs, but at least ours
responds to every one we get.  Many times with the Earlybird program (a
very nice program I use myself) it also gets sent to our upstream
provider who tell us about it.  If we can't get ahold of that user, we
simply filter their ip address in our routers, or something to get their
attention.  

Please don't always just blame the ISPs, because some of them out there
really do attempt to stop it.  We hate spam and viruses just as much as
everyone else.
 

--
Matt Andreko


-----Original Message-----
From: Blue Boar [mailto:BlueBoar () thievco com] 
Sent: Tuesday, May 07, 2002 3:50 PM
To: RSnake
Cc: Luis Pinto; Deus, Attonbitus; vuln-dev () securityfocus com
Subject: Re: Publishing Nimda Logs

RSnake wrote:

      I am not ashamed to say I was infected by a virus, and I was not

warned

by anyone.  I eventually did a netstat in cygwin and found it myself.

This is

a bad assumption.


I appears that ISPs (in general; there are exceptions, of course) do a
poor 
job of notifying the end user when they get a notice.  An outside person

generally has no mechanism to determine the end user themselves.

Think about it... how many of you have given your ISP your main email 
address or phone number, so they can contact you in case of problems?
My 
ISP gave me some sort of email address when I signed up for DSL, and I
have 
never once bothered to see if there is mail in there.  I have 5 of my
own 
addresses, domains, etc... thanks.  Since I have DSL, they do happen to 
have my phone number.

                                                BB
Previous By Date Next
Previous By Thread Next

Current thread: