Valdis.Kletnieks@vt.edu wrote:
On Tue, 24 Oct 2000 09:53:16 EDT, Marshall Eubanks <tme@21rst-century.com> said:
Are you really saying that if I tell you that a dial-up user on your network hacked into my system at some precise time, from a precise IP address (so that you could probably tell easily which user did it), and did so in a fashion which suggested an automated "script kiddie" effort, I should only expect a response from you if I PAY for it ?!?
Umm... would you be satisfied with a "We've referred it to the appropriate people" response?
At least here, and probably many other universities, we're stuck not being able to say much more than that due to student confidentiality rules...
Yes, we take action. No, we usually can't say what we did. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Sure, even a one-liner would generally be enough. If you receive no response, you assume that you are being ignored. (People with a lot more experience in this than I have have told me that having such reports ignored is indeed the norm.) It takes work to identify as much as you can about an attack and send it to the source ISP (or whoever). If they consistently receive no response, most people will eventually stop doing this work. I think that most recognize that, many times, such reports won't lead to any specific results - the ISP at the other end also has to prioritize their time. But if they aren't made, how can these people ever be nailed ? Regards Marshall Eubanks Multicast Technologies, Inc. 10301 Democracy Lane, Suite 201 Fairfax, Virginia 22030 Phone : 703-293-9624 Fax : 703-293-9609 e-mail : tme@on-the-i.com http://www.on-the-i.com