nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Dynamic IP log retention = 0?

From: "Ross" <ross () dillio net>
Date: Thu, 12 Mar 2009 18:54:33 -0500 (CDT)
Whether Covad chooses to enforce their AUP against port scanning is a
business decision up to them. Again, why worry about things out of your
control, especially when we are talking about port scanning. I would think
people have more pressing issues, guess not.

-- 
Ross
ross [at] dillio.net



In message <20090312120816.B668 () egps egps com>, "N. Yaakov Ziskind"
writes:

JC Dill wrote (on Thu, Mar 12, 2009 at 09:02:25AM -0700):

Ross wrote:

There seems to be a big misconception that he asked them to "hand

over"

the info.  As I read the OP, he asked Covad to do something about it
and Covad said "we can't do anything about it because we don't have
logs".  Here's a quote from the OP:


The real problem is that Covad claim (second hand) that they can't
identify the perpetrator(s).

      I've been nudging an operator at Covad about a handful of
      hosts from his DHCP pool that have been attacking -
      relentlessly port scanning - our assets.  I've been informed
      by this individual that there's "no way" to determine which
      customer had that address at the times I list in my logs -
      even though these logs are sent within 48 hours of the
      incidents.

One shouldn't need to have to get the indentities of the perpetrators
to get AUP enforced.  Port scanning is against 99.9% of AUP's.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews () isc org
Previous By Date Next
Previous By Thread Next

Current thread: