On Tue, 7 Nov 2000, John Payne wrote:
On Tue, Nov 07, 2000 at 10:09:20PM -0500, Christopher L. Morrow wrote:
For the others on this list, if you are a UUNET customer you can call our Security Department if you ever have any issues with security, DoS, fraud, spam, or the like. If you are under DoS attack either one of my engineers will stop and track the attack, or I will do it... it's what we get paid to do. If you are NOT a UUNET customer you know that other ISP's (Tier 1's atleast) do NOT filter attack traffic, and they do NOT track attacks. The ONLY exceptions to this are: Genuity, Global Crossing and at one time Verio.
The only exceptions that you know of perhaps. As a former employee of AT&T Global Network Services (ibm.net), I know for a fact that AGNS responded promptly to any DoS reports called into our helpdesk, regardless of whether they were a paying customer, downstream of a customer or a peer.
Yes, I re-read this paragraph and what I meant was 'in my experience the only people who track attacks are...'. I'd also forgotten tracking atleast one attack with 2 folks from Above.Net... so they didn't make my original list.
I would also like to know UUNETs policy for peers, as I have first hand experience of other large ISPs who's helpdesks refused to take my phone call for assistance in tracking and blocking an on going attack because "you must be mistaken, the only way you would have a pipe into our network is if you are a customer".
Our policy is to track attacks that peers bring to us also... just follow the procedures I outlined in the initial message (call 1-800-900-0241 option 2,3,1 and ask for a Router Engineer)... We'll happily track the attack for you. :)
I do remember uunet.ca being very responsive on at least one occasion, but its distressing to know that you've spent time and effort tracking an attack across your network only to come up against a brick wall... and then know thta you're going to have performance problems with that peer until the attack stops, and yet that peer is not willing to even talk to you.
Yes, this is quite distressing... my favorite answer is (after pouring over the networks www.xyz.net website trying to find a single number to call to TRY and find their NOC...): "please email that issue into NOC@xyz.net"... if you are a peer and track something up to a connect with UUNET call and we'll track it for you. -Chris