[Dshield] Fw: NTL Support/Abuse Staff
Johannes B. Ullrich
jullrich at euclidian.com
Thu Aug 30 00:57:55 GMT 2001
-----BEGIN PGP SIGNED MESSAGE-----
It is not an uncommon complaint that we once in a while 'catch' a proxy
in our database. In particular with Code Red being in everyones mind. I
will hopefully soon find the time to implement some of the proxy checks
for the alert pages.
However, one question to ISPs that use proxies: Why not filter Code Red
requests? Also, quite frequently I find that these proxies are configured
'open'. This way, everyone in the world can use them to hide their tracks.
> 5. The web proxies get listed as attackers.
If they are not the attacker themselfe, they at least hide their
identity and this should be fixed.
jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the list