nanog mailing list archives

Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx

From: Adam McKenna <adam-nanog () flounder net>
Date: Fri, 26 Oct 2001 12:57:55 -0700


I think that Alex's point is that if you want to *really* have a secure
network, you can't do it by sending out automated mails every time a stray
packet hits your network.  That's likely to cause way more annoyance than any
good it could possibly do.

A much more effective way of proceeding would be to have a person looking at
each and every incident, deciding whether it merits a notice to the offending
network, and then sending a personal, non-threatening mail.

--Adam
-- 
Adam McKenna <adam () flounder net>   | GPG: 17A4 11F7 5E7E C2E7 08AA
http://flounder.net/publickey.html |      38B0 05D0 8BF7 2C6D 110A

Current thread:

EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Alex Rubenstein (Oct 26)
- Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Valdis . Kletnieks (Oct 26)
- RE: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Vivien M. (Oct 26)
- Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Dan Hollis (Oct 26)
  - Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Alex Rubenstein (Oct 26)
    - Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Christopher A. Woodfield (Oct 26)
- Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Adam McKenna (Oct 26)
  - Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Greg Poirier (Oct 26)
    - RE: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Mike Batchelor (Oct 26)
    - RE: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx batz (Oct 27)
- <Possible follow-ups>
- Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Dan Hollis (Oct 26)
  - Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Alex Rubenstein (Oct 26)
  - Re: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Simon Lockhart (Oct 26)
    - RE: EXAMPLE: ### xxx Canada detected a penetration attempt from 209.123.x.229. Incident# xxxx Matt Levine (Oct 26)