XSS/Script Injection on my site -- further details

["arian.evans" <arian.evans () anachronic com>]

inline:

> -----Original Message-----
> From: arian.evans [mailto:arian.evans () anachronic com] 
> Sent: Friday, April 28, 2006 12:30 PM
>
> Someone in Atlanta on Cox cable is once again giving
> my personal site a "free pen test".

I lied. It turns out that while the Cox backbone is out
of ATL, the actual activity originates in Irvine, CA.

I do not want to unnecessarily cast blame on folks in ATL,
as I think we all know who would get blamed there. :)

If this hadn't happened twice before and nuked my server
once, I probably wouldn't care a lot, but this is the
third time you've hit me, and it is rude, unprofessional,
and you've cost me a lot of personal time & email loss
that could have been easily avoided.

I am unwilling to debate the merit of having my IDS
alerts go to my default mail spool; it works quite well
except when I get 40k alerts over an evening.

Anyone on the lists stuck up in or around Rochester,
NY for the next few months, gimme' a shout....

Happy Fridays,

Arian J. Evans
+1.913.378.3571 [mobile]

"See? That was nothing. But that's how it always begins. Very small." -Egg
Shen






-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. Change the way you 
think about application security testing - See for yourself. 
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------