They should just implement it via a cgi on their webpage where you can disable by your IP or some netblocks. The other thing to do is to just rate-limit icmp and know that their stats will be off/incorrect. btw, 3 days does give them sufficent time to respond assuming you were to send them something after COB on friday to respond by monday. The encoding of the abuse info is better than those old +++ATH packets. - Jared On Thu, Oct 25, 2001 at 09:07:32PM -0700, Todd Suiter wrote:
On Thu, 25 Oct 2001, Christopher Wolff wrote:
---------- Original Message ---------------------------------- From: Sean Gleason <sgleason@digisle.net> Date: Fri, 26 Oct 2001 01:02:21 +0000 (GMT)
At this point you can:
1) Do nothing. Please accept our apologies and be assured that your machines are not being pinged by a hostile party.
Hostile is a matter of definition. For some of us, these would be another in the category of 'false positive' events that LOTs of us look at by hand. I may be nitpicking here, but every security/network person who takes time out of their schedule to analyze and dig into this 'test', is having their time wasted. And the several days time frame is just poor judgement.
t
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.