[Dshield] An Abuse-Free internet organzation

Brad Spencer brad.madison at mail.tds.net
Tue Jan 20 16:46:29 GMT 2004


At 10:33 AM 1/20/2004 -0500, you wrote:

>But Erwin, when a vast amount of the attacks/probes to my server comes from
>Verizon and reporting things to them gets absolutely no response ? And they
>are not the only big name that chooses to not respond... Where does that
>leave us ?

Gather  evidence Verizon can't ignore.  Send it to Verizon.  Perhaps make 
the evidence avialable to all.

It has worked for uu.net.  It should work for Verizon.

I agree that Verizon is less than perfect.  It is a less than perfect 
world.  If Verizon doesn't respond to mild reports give them strong (in the 
sense that they contain incontrovertible evidence) reports.

Those probes are preludes to abuse.  Let some in (a little) and capture the 
abuse.  Then tell Verizon.

Here's one way uu.net was persuaded to act:

http://www.corpit.ru/cgi-bin/h0n5yp0t

uu.net IPs were showing up on this page.  Anyone in the world who had the 
URL could see that abuse appeared to be coming coming from uu.net 
IPs.  That, coupled with the information that uu.net also knew the URL 
would indicate they were intentionally allowing abuse to be done that 
involved their IPs.  Not wishing to have that known, uu.net acted.  Why 
would Verizon be different?  Any ISP?




More information about the list mailing list