Security Basics mailing list archives
RE: Public IP information
From: "dave" <dave () netmedic net>
Date: Wed, 11 Jun 2003 19:37:56 -0400
Brian, Harsh words..... You Wrote > " contact the law enforcement who will undoubtedly not understand a word of what you are talking about, but hey, that's how it goes" I will take the Pepsi challenge on that one up against you any day of the week. Dave _____________________ Dave Kleiman dave () netmedic net www.netmedic.net -----Original Message----- From: Carpio, Brian [mailto:Brian_Carpio () csgsystems com] Sent: Wednesday, June 11, 2003 17:36 To: David M. Fetter; Ronish Mehta Cc: security-basics () securityfocus com Subject: RE: Public IP information They aren't obligated to give it to the Local Police or the FBI unless a search warrant is issued. But if the ISP is being unreasonable you can try and contact the law enforcement who will undoubtedly not understand a word of what you are talking about, but hey, that's how it goes... This should be looked upon as an opportunity to check your firewall, IDS etc... and make sure everything is working the way you want it to work. Brian Carpio -----Original Message----- From: David M. Fetter [mailto:david.fetter () fetterconsulting com] Sent: Wednesday, June 11, 2003 12:46 PM To: Ronish Mehta Cc: security-basics () securityfocus com Subject: Re: Public IP information If you are being attacked then you should contact the company that you believe it is coming from. They should have a technical contact or abuse contact. If they do not respond then you should go to the authorities. I don't think the ISP has an obligation to provide you with the information, but they certainly are obligated to give it to the local police and/or FBI. Ronish Mehta wrote:
Hi, we have recently seen attacks comming from a specific IP, by query APNIC, we found that the IP was registered to a company (say company "X LTD") We wanted to cross check with our ISP before taking any action, the ISP is saying that the IP is no longer associated with company "X Ltd" but with another company; however the ISP is claiming that the information is confidential, and that they cannot divulgate the identity of the company to which this IP address is attached Does the ISP have the right to do this? Should not the ISP give us this information in case APNIC is not updated? Any other information on this issue is the most welcome Thanks & Regards
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- Public IP information Ronish Mehta (Jun 06)
- Re: Public IP information David M. Fetter (Jun 11)
- Re: Public IP information ATD (Jun 24)
- <Possible follow-ups>
- RE: Public IP information Carpio, Brian (Jun 11)
- RE: Public IP information dave (Jun 11)
- Re: Public IP information David M. Fetter (Jun 12)
- RE: Public IP information Keith A. Pachulski, PPS, GCIH, GCFW (Jun 12)
- RE: Public IP information dave (Jun 11)
- RE: Public IP information DeGennaro, Gregory (Jun 12)