[H-GEN] FTP login by wtmp?

Mark Suter mark at zwitterion.humbug.org.au
Sun Aug 22 22:58:17 EDT 1999


[ Humbug *General* list - semi-serious discussions about Humbug and
Unix-related topics. ]

-----BEGIN PGP SIGNED MESSAGE-----

Folks,

Anyone following up on this thread should be aware of the following
HUMBUG List Netiquette,

    ... due to the large number of System Administrators working
    for various ISPs in HUMBUG, discussion of the relative merits of
    different ISPs on the list is discouraged.

    http://www.humbug.org.au/member.html

On Fri, 23 Aug 1996, Hilton Travis wrote:
> [ Geoff Everist <everistg at switch.aust.com> wrote: ]

> > I would be interested in the general perspective from the point of view of
> > an ISP Sysop...
> 
> I am not an ISP sysop, but if I were, I'd be investigating your report VERY
> carefully to see where the perpetrators came from.

I am a Systems Administrator for the University of Queensland.  We do
have ISP-like activities, though not as commercial as others may be.

> > Is this something that should be taken seriously by an ISP?
> 
> YES.

It depends on the form and wording of the complaint.  I generally
respond to most complaints; however, for us to put any effort in, the
complainant should make some effort.  This includes contact details,
logs and full timestamps.

> > Is it reasonable to expect a response to such an abuse report, and if so,
> > what would be the maximum time for the response?
> 
> YES.  1 day maximum, I'd suggest.

There should generally be a response, even if it's "Sorry, we can't
do anything with this".  Normally 24-48 hours is enough; however,
you should take into account local holidays, weekends and time zones.
To quote:

    Remember that people with whom you communicate are located across
    the globe.  If you send a message to which you want an immediate
    response, the person receiving it might be at home asleep when it
    arrives.  Give them a chance to wake up, come to work, and login
    before assuming the mail didn't arrive or that they don't care.

    http://mirror.aarnet.edu.au/rfc/rfc1855.txt

> > Is there now so much noise generated by people reporting abuse that there
> > simply is not enough time to investigate and respond any more?
> 
> There shouldn't be any excuse for not actioning a genuine illegal access.
> Especially since they have been the known final point of contact for
> another, well publicised attack.

We don't get too much here at UQ.  Anyone else know the situation at
other organizations and care to comment?

> > Is there anything else I can do to get their attention (within reasonable
> > bounds, of course)?
> 
> I'd speak to the Australian Federal Police (or whoever looks after illegal
> computer accesses in Oz) and the relevant authorities in NZ.  If you were
> attacked and noticed, imagine the number of people who were attacked and do
> not know about it!

Have you tried the technical contacts?

    whois -h whois.apnic.net 203.109.224.0/19
    whois -h whois.patho.gen.nz ihug.co.nz

Yours sincerely,

- -- Mark John Suter | I know that you  believe  you understand
suter at humbug.org.au  | what you think I said, but I am not sure
PGP encryption is OK | you realise that what you  heard  is not
Ph: +61 4 1162 2316  | what I meant.                  anonymous

Article 19: http://www.un.org/Overview/rights.html 

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Comment: Public key available from http://www.uq.edu.au/~suter/public_key.txt
Charset: noconv

-----END PGP SIGNATURE-----

