doug at dwhite.ws
Thu Oct 3 15:20:55 GMT 2002
As a small hosting provider, this is one of our "edge". That is, a maximum of 24 hour turnaround on
Port scanning, Harvest 'bots, and spoofing are blocked immediately. Spamming is not tolerated at
all, and one complaint, triggers an investigation. If the client is not forthcoming with proof of
opt-in-confirmed, then they are terminated immediately, no second chances.
Substantial clean-up fees are charged.
This address is filtered through the open relay database at http://www.ordb.org
and is virus scanned by ANTIVIR
mailto:doug at dwhite.ws
----- Original Message -----
From: "Ed Truitt" <ed.truitt at etee2k.net>
To: <list at dshield.org>
Sent: Thursday, October 03, 2002 8:11 AM
Subject: Re: [Dshield] Why???
| I guess I must have a *special* ISP then, too. Or else, I have a good
| relationship with mine. I have no problems getting them to act on
| portscanning/Nimda-scanning activities - in fact, normally by the time I
| report what the tarpit sees, they have taken the machine off the 'Net and
| told the person to fix it. Of course, the fact that the original Code Red
| attack wreaked havoc with their DSL customers, who mostly had Cisco 67x
| routers (which locked up when it with CR probes) may have helped. But, I
| think it is mostly due to the fact that they are a small ISP/consulting
| firm, who needs an edge to stay competitive - and that edge, for them, is
| Ed Truitt
| PGP fingerprint: 5368 D25E 468C A250 9833 CCD6 DBAE 9C25 02F9 0AB9
| "Note to spammers: my 'delete' key is connected to YOUR ISP.
| Also, if you send me UCE, I reserve the right to post your spew
| on my Web site, with the appropriate color commentary, so that
| others may have a good laugh at your expense."
More information about the list