Re: Disabling QAZ (was Re: Port 139 scans)

[Travis Pugh <tpugh () shore net>]

I think hosting a DDoS tool or disruptive trojan is a violation of my
AUP.  I've only found one copy on a customer network, but they seem to
respond well to the "run this .reg file and remove this file to clean your
box or we'll pull the plug" email ... it really doesn't seem to be the
ISPs job to clean our customer's machines, but it is our job to enforce
acceptable use policies.  Why not use that, and leave it up to the
customer to comply or not (with the documented penalties for
noncompliance).

-travis

On Sat, 30 Sep 2000, Jason Slagle wrote:
> What about saying that the port 7759 connection is an attempt to authorize
> a user connecting to your port 139?
>
> Jason
>
> ---
> Jason Slagle - CCNA - CCDA
> Network Administrator - Toledo Internet Access - Toledo Ohio
> - raistlin () tacorp net - jslagle () toledolink com - WHOIS JS10172
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.12 GE d-- s:+ a-- C++ UL+++ P--- L+++ E- W- N+ o-- K- w---
> O M- V PS+ PE+++ Y+ PGP t+ 5 X+ R tv+ b+ DI+ D G e+ h! r++ y+
> ------END GEEK CODE BLOCK------