Re: RBL-type BGP service for known rogue networks?

[David Charlap <david.charlap () marconi com>]

"Richard A. Steenbergen" wrote:
> Getting the dialups will not be possible with this kind of a system,
> DHCP makes it useless

Maybe yes, maybe no.  If the ISP's dialups keep log files of connections
and disconnections (and I hope that most of them do, for at least a few
days), they should be able to correlate an IP address and timestamp with
a login.

It is useful if you have your own logfiles to send in as part of the
report - so they will have the IP addresses and timestamps.  Without
knowing the time of the attack, they won't be able to figure out which
user had the IP address during the time of the attack.

Be sure to keep your clock synchronized with reality so that your
timestamps are meaningful.

The real hard part here is getting the ISP to do the search in the first
place.  But that's politics, not technology.

-- David