[Snort-users] Am I the only one pulling my slowly-turning-gra y hair out!
hsieff at ...519...
Wed Nov 8 15:53:39 EST 2000
I gave up reporting on scans and exploits for things I wasn't
vulnerable to a while ago, not because it was fruitless but because
the share number makes it prohibitive in time-terms, even if you
script it :-).
FWIW, when I did, I _ONLY_ ever bothered to send email; I figured that
an ISP that didn't bother to man its abuse@ and/or hostmaster@ email
box probably wouldn't even step too lively if I called.
In the email, I always included detailed logs, a brief explanation of
them, and a link to additional info. More often than not, I got an
encouraging reply eventually, and on occasion, I think I actually did
some good in explaining to someone why, say, subnet scans on port XXX
If they did not respond to this email, I went about my merry business.
@Home is notoriously bad; keep in mind that they are a rather
un-organized collection of various Cable Companies who do the ISP
thing; remember the last time you got new cable service? Or had an
overcharge on your bill?
Well, @home has the same customer service standards, so good luck!!!
(I think of all the ISP's I saw scans from, only @home and some
Turkish outfit ever ignored me completely).
Anyways, you touched a nerve, so I thought I'd vent.
> -----Original Message-----
> From: Robert L. Yelvington [mailto:rly at ...579...]
> Sent: Thursday, November 09, 2000 12:55 PM
> To: 'snort-users at lists.sourceforge.net'
> Subject: [Snort-users] Am I the only one pulling my
> hair out!
> I am using the latest 'snort' and it works like a champ! It is
> everything that I have heard about and MORE!...and no I am
> not on 'the payroll'...teehee.
> My question is as follows:
> Since I have been monitoring and mediating network traffic on my
> network(s), I have discovered actual break-in attempts, port
> scans, etc.
> by so-called 'hackers' or 'crackers'. No sweat. Most of
> them are just
> pimply faced 'script kiddies' using outta-the-box software.
> No real threats.
> However, am I the only one who gets the run around when reporting
> devious activity to ISP's? .OR. am I doing something wrong?
> I know we
> hate even the mention of it, but are there any laws holding ISPs
> accountable? Will someone please advise. And one last thing
> (I am sure
> that you folks already know), don't try to report an incident to the
> folks at the "@home" network...they'll just transfer you in circles,
> then hang up on you once your estimated wait time has been reached
> offense to any of you @home techies in the audience...I know
> you're out there!).
> Thanks for the open ports, ladies & gentlemen.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
More information about the Snort-users