Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: A rather newbie question

From: "Schmidt, Michael R." <Michael.Schmidt () T-Mobile com>
Date: Sun, 2 May 2004 09:08:45 -0700
Thanks,

I use ISA server.  This is my home network, so I probably have nothing that they would be interested in.  I do have two 
static IP addresses and a DSL line.

-----Original Message-----
From: Elvedin Trnjanin [mailto:elvedin () ods org]
Sent: Sunday, May 02, 2004 7:13 AM
To: ald2003 () users sourceforge net
Cc: Schmidt, Michael R.; full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] A rather newbie question

I would suggest not scanning systems you do not own, aren't currently
being attacked by or any such thing like it. Instead of complaining to
your ISP, find the abuse contact for that IP address/hostname and contact
that person since he would be more willing to help rather than your ISP.

Here's an example for one of those IP addresses:
http://www.dnsstuff.com/tools/whois.ch?ip=!NET-63-71-49-0-1&server=whois.arin.net

OrgAbuseHandle: ABUSE3-ARIN
OrgAbuseName:   abuse
OrgAbusePhone:  +1-800-900-0241
OrgAbuseEmail:  abuse-mail () mci com

You can search for more under "Abuse Lookup" at http://www.dnsstuff.com

Also, could you share what this "default rule" is? On my firewalls, it's
the system settings rule such as blocking the "Remote Management" port or
ping replies. If your rule is similar to this, you're just wasting
everyones time.


If someone could take a quick look through my log file - it is
very simple and shows a bazillion requests that are being bounced
off my firewall.  I would really appreciate it.  My ISP didn't
care and didn't respond when I let him know about all this
traffic that was wasting MY bandwidth.  And then they were upset


if the isp does not care about people wasting your bandwidth pay your isp
less by the cost of the amount of bandwidth consumed by the attacks
estimate on the extravagent side accompined by a request to null route
this ip address at a minimum. get your lawyer to talk to them if then do
not respond!



when I nmapped back to a few addresses and hit some upstream
providers router - oh well, live and learn.  They told me they
would terminate my contract if I kept that up.  Hey I was just
trying to find out who the freaks were that are constantly
attacking MY network.


that sure got their attention! just keep this up but after informing the
isp that if they cannot protect your network then you would have to take
active steps to protect your network which includes all the network
scanning and namapping etc


-best of luck in dealing with the isp
aditya


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




--
Elvedin Trnjanin
elvedin () ods org
http://www.ods.org
- ODS.org Team

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: