[Intrusions] SSH brute forcers
EBIOS SysOp
ebios at ebios.wnaft.agh.edu.pl
Mon Jun 6 12:08:45 GMT 2005
Hello
When talking about ISPs and their misbehaving clients - what about
blacklisting ISPs, or a ranking them according to their professional
response when alerted about abusers coming out of their IP space?
Any bad/good feelings about it ?
Best regards
Wojciech Królik
On Thu, 2 Jun 2005, Smith, Donald wrote:
>
> Most of us do. I can not speak for all ISPs nor even for qwest.
> But here are some general comments.
>
> Most dynamic IPs are tracked back to an account not a MAC.
> To do that we need the ip, logs (proof) and time stamps with Timezone
> info.
>
> Depending on the ISP's AUP users may get several warnings before being
> disabled.
> Depending on the ISP's abuse staff load this might take a day or two.
>
More information about the Intrusions
mailing list