[Snort-users] Am I the only one pulling my slowly-turning-gray hairout!

Jules Agee julesa at ...766...
Wed Nov 8 15:20:06 EST 2000


Anyone who first starts watching their doors will probably be aghast at
how
often there are attempts to pick the locks. However, people who have
been
watching the locks for some time accept it as a fact of life. You can't
spend
all your time policing the Internet, and most ISPs are so underfunded
they
barely have time to keep all their servers running. Keep in mind that a
large
number of these 'attacks' are viruses that people don't know are running
on 
their computers. Don't underestimate the power of ignorance.

I just ignore them unless they are causing some real problem. Definitely
don't
waste any time on the phone. If you have some spare time and feel you
must take
action, write up an e-mail template with some general statement saying
what IP
address the attack came from at what time, politely requesting that they
take
action to prevent future attacks, vaguely suggesting the remote
possibility of
legal action if the attacks continue, etc. etc., and send it the
domain's
registered technical contact.

-Jules

"Robert L. Yelvington" wrote:
> 
> I am using the latest 'snort' and it works like a champ!  It is
> everything that I have heard about and MORE!...and no I am not on 'the payroll'...teehee.
> 
> My question is as follows:
> 
> Since I have been monitoring and mediating network traffic on my
> network(s), I have discovered actual break-in attempts, port scans, etc.
> by so-called 'hackers' or 'crackers'.  No sweat.  Most of them are just
> pimply faced 'script kiddies' using outta-the-box software.  No real threats.
> 
> However, am I the only one who gets the run around when reporting this
> devious activity to ISP's?  .OR. am I doing something wrong?  I know we
> hate even the mention of it, but are there any laws holding ISPs
> accountable?  Will someone please advise.  And one last thing (I am sure
> that you folks already know), don't try to report an incident to the
> folks at the "@home" network...they'll just transfer you in circles,
> then hang up on you once your estimated wait time has been reached (no
> offense to any of you @home techies in the audience...I know you're out there!).
> 
> Thanks for the open ports, ladies & gentlemen.
> 
> Respectfully,
> Rob
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users

-- 
Jules Agee
System Administrator        O>
Pacific Coast Feather Co.  / )
julesa at ...766...  x284        X



More information about the Snort-users mailing list