Security Incidents mailing list archives

Re: Odd response from Taiwanese ISP

From: Jim Roland <jroland () ROLAND NET>
Date: Tue, 21 Nov 2000 14:49:45 -0600

Typical "hands-off" attitude.  Asia, especially the Orient, has a lot of
port scanning activity.  Former companies I worked for, were frequently hit
about 1-4am Central Time-US, and usually from South Korea and Hong Kong.
Attempts were ignored, and when I called them, they were very annoyed that I
was wasting their time.  Consequently, the same user kept up his activity
for several weeks after (even though their ISP was blocked, I still
monitored at the firewall), but not every night.  The end-result was they
(HKNet) did absolutely nothing because there is no international law with
any teeth to prevent such activity.  Perhaps InterPOL will finally do
something.


----- Original Message -----
From: "Russell Fulton" <r.fulton () AUCKLAND AC NZ>
To: <INCIDENTS () SECURITYFOCUS COM>
Sent: Monday, November 20, 2000 2:15 PM
Subject: Odd response from Taiwanese ISP

Greetings All,
             A little off topic but I can't think of anywhere else to
post this.

Below is the response I got to a report sent to abuse () hinet net.  The
report described a extentive scan of our address space for machines
running LPD (tcp port 515) and included accurate times and log records.

I really don't know what to make of this.  It looks to me as if Hinet
does not have an AUP and that they will only act on complaints that the
police will prosecute on.

Does anyone else have any iformation on what is going on here?

Cheers, Russell,


--- Begin Forwarded Message ---
Date: Mon, 20 Nov 2000 14:44:20 +0800
From: XXXXXqXHXXXXXXXXXqXXXAXXXX <spam () ms1 hinet net>
Subject: Reply from HiNet
Sender: XXXXXqXHXXXXXXXXXqXXXAXXXX <spam () ms1 hinet net>
To: Security () auckland ac nz

Reply-To: XXXXXqXHXXXXXXXXXqXXXAXXXX <spam () ms1 hinet net>
Message-ID: <200011201001.SAA25508 () ms63 hinet net>



Dear Sir/Madam ,
If you would like to report about the cracker leeter. Please send it to

criminal

investigation department then they will submit it with it with formal

documentation.

Please send mail to cybercop () cib gov tw
Sorry for the inconveniences.

Yours faithfully

CHT-D
Customer Care Center

[ my original report deleted ]

--- End Forwarded Message ---

Current thread:

Odd response from Taiwanese ISP Russell Fulton (Nov 22)
- Re: Odd response from Taiwanese ISP Philippe Bourcier (Nov 24)
- Re: Odd response from Taiwanese ISP Jim Roland (Nov 24)