On Sun, Nov 15, 1998 at 06:24:13PM -0500, sigma@pair.com put this into my mailbox:
Let me guess - the IP is 209.67.50.254, and they're trying to login to nameservers as "root", sometimes a dozen times per second?
Hello, filtering.
Kevin
Sorry to cross post, but is there anyone monitoring this list from Exodus with 1/2 a clue who might be able to help me? I called the NOC with an in-progress abuse and was told :
1) We don't know who owns that IP 2) We can't get into our own routers 3) We don't have a ticket system 4) The abuse people have a ticket system, but only if we can associate it to a customer (See #1) 5) We don't know how often the "abuse@" is checked 6) Email us the logs, and thanks for calling.
Careful. Exodus' lawyers might take offense and try to sue your ass for libel. This seems pretty par for most ISPs these days, though. They're either "duh, what's abuse?", and take hours of handholding and e-mails to explain why 'when one of your customers commits felonies by flooding my machine it's a BAD thing' - whereupon by the time they realize it's a bad thing the user is long gone or the attack is untraceable, or their radius logs (if they keep any) have rotated, or they act like the idiots in Malaysia and Mexico* and just ignore any abuse reports altogether. (*) Certain clueless people have taken this to mean that I think all Malaysians and Mexicans are stupid. I don't. I simply happen to think that all the ISPs there are seriously lacking in clue department, because I've spent the better part of the last six months dealing with quite a number of them attempting to get them off of their sorry behinds and to actually delete users who do things like spam, flood, hack, &etc, without results. -dalvenjah -- Dalvenjah FoxFire (aka Sven Nielsen) "If her breath were as terrible as her Founder, the DALnet IRC Network terminations, there were no living near her; she would infect to the North Star!" e-mail: dalvenjah@dal.net WWW: http://www.dal.net/~dalvenjah/ whois: SN90 Try DALnet! http://www.dal.net/