Security Basics mailing list archives
Re: Reporting malicious people?
From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 2 Nov 2010 17:51:08 -0400
On Mon, Nov 1, 2010 at 9:16 AM, ichib0d crane <themadichib0d () gmail com> wrote:
I was curious as to what would be the most effective way to report malicious activity from remote attackers. Who I should contact and what not. I've tried contacting the ISP of the originating IP but that seems to rarely work, or even elicit a response most of time.
I generally report it to the WHOIS contacts. I never use web forms, since (1) we have RFC2142, Mailbox Names for Common Services, Roles and Functions; and (2) I don't agree to any bull shit the company's lawyers come up with as a term of service. If WHOIS does not specify abuse () example com, noc () example com, secure () example com, security () example com, postmaster () example com, and hostmaster () example com, they also get the email for completeness. See section 4 and 5 from the RFC. The result: usually nothing. So I move on to step two: complain to the BBB. Not only do they get nailed for the hacking attempt, they also get complaints for (1) not complying with the RFC, and (2) not ignoring their responsibilities regarding WHOIS contact. The result: the provider usually responds. If the registrar is an organization like GoDaddy, I usually file a complaint against them also. Go Daddy is a registrar, and required to maintain the WHOIS contact information per their ICANN agreement. See http://www.icann.org/en/topics/whois-services/. The result: yet another unsatisfied GoDaddy complaint.
[SNIP]
Jeff ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Reporting malicious people? ichib0d crane (Nov 02)
- Re: Reporting malicious people? security (Nov 02)
- Re: Reporting malicious people? Adam Mooz (Nov 02)
- Re: Reporting malicious people? TAS (Nov 02)
- Re: Reporting malicious people? Jeffrey Walton (Nov 02)
- Message not available
- Re: Reporting malicious people? ichib0d crane (Nov 09)
- RE: Reporting malicious people? Brad Bemis (Nov 09)