please to not email in html format... yikes! Russ, could you re-mail whatever content you just sent, in plain text? On Tue, Sep 23, 2008 at 11:07 PM, Russell Mitchell <russm2k8@yahoo.com> wrote:
MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-593512929-1222225655=:9145"
--0-593512929-1222225655=:9145 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable
Hello All,=0A=A0=0AIt seems you all missed the memo.=0AAs of about 11PM PST= Last night 09/22/08, Esthost has been ENTIRELY Shutdown. They no longer ha= ve ANY Machine on my network.=0A=A0=0AI'm currently starting to monitor som= e of the public media, such as google, DroneBL, as well as several Anti-Mal= ware community websites for abuse.=0A=A0=0ABeing that Esthost is now entire= ly GONE, we should not have any further issues.=0AIn the case that somethin= g=A0does arise, such as an exploited host, we're currently developing a gam= e plan for=A0response to=A0the issues.=0ATo make the best effort towards co= mbatting=A0abuse on our network, here's what I have planned so far for ANY = Type of abuse:=0AStep 1,=A0Suspend Power to the affected machine.=0AStep 2,= Call/Email the client whom the affected machine is leased to.=0AStep 3, Al= low the client=A0the option to=A0investigate the machine further (Nullroute= access via KVM)=0AStep=A04, Verify the=A0reported content, domain, user, o= r exploit=A0is patched/eliminated from the machine.=0AStep 5,=A0Remove the = Nullroute. Allow the machine to return to the network.=0A=A0=0AAny comments= ? =0A=A0=0AThis is=A0the result of a zero tolerance policy regarding abuse.= If it's clear that the server owner is the cause of the abusive material e= tc, the client will then be immediately cancelled. No questions.=A0=0A=0A= =0AIt seems that this approach will be the best supported by the anti-abuse= communities, so please let me know your input.=0A=0AThank you for your tim= e. Have a great day.=0A=A0---=0ARussell Mitchell=0A=0AInterCage, Inc.=0A=0A= =0A=0A----- Original Message ----=0AFrom: Paul Wall <pauldotwall@gmail.com>= =0ATo: Mark Foo <mark.foo.dog@gmail.com>=0ACc: nanog@nanog.org=0ASent: Tues= day, September 23, 2008 5:46:58 PM=0ASubject: Re: YAY! Re: Atrivo/Intercage= : NO Upstream depeer=0A=0AHold the rejoicing, Atrivo is back, this time on = UnitedLayer.=0A=0AI'd contact them, only they seem to change CTOs every mon= th or two,=0Adoes anybody know who's currently in charge?=0A=0AThank you, a= nd Drive Slow,=0APaul Wall=0A=0A=0A --0-593512929-1222225655=:9145 Content-Type: text/html; charset=us-ascii
<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><P>Hello All,</P> <P> </P> <P>It seems you all missed the memo.<BR>As of about 11PM PST Last night 09/22/08, Esthost has been ENTIRELY Shutdown. They no longer have ANY Machine on my network.</P> <P> </P> <P>I'm currently starting to monitor some of the public media, such as google, DroneBL, as well as several Anti-Malware community websites for abuse.</P> <P> </P> <P>Being that Esthost is now entirely GONE, we should not have any further issues.</P> <P>In the case that something does arise, such as an exploited host, we're currently developing a game plan for response to the issues.</P> <P>To make the best effort towards combatting abuse on our network, here's what I have planned so far for ANY Type of abuse:</P> <P>Step 1, Suspend Power to the affected machine.</P> <P>Step 2, Call/Email the client whom the affected machine is leased to.</P> <P>Step 3, Allow the client the option to investigate the machine further (Nullroute access via KVM)</P> <P>Step 4, Verify the reported content, domain, user, or exploit is patched/eliminated from the machine.</P> <P>Step 5, Remove the Nullroute. Allow the machine to return to the network.</P> <P> </P> <P>Any comments? </P> <P> </P> <P>This is the result of a zero tolerance policy regarding abuse. If it's clear that the server owner is the cause of the abusive material etc, the client will then be immediately cancelled. No questions. </P> <DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif"> <DIV></DIV> <DIV> </DIV> <DIV>It seems that this approach will be the best supported by the anti-abuse communities, so please let me know your input.</DIV> <DIV> </DIV> <DIV>Thank you for your time. Have a great day.<BR> </DIV>---<BR>Russell Mitchell<BR> <DIV>InterCage, Inc.<BR></DIV> <DIV style="FONT-SIZE: 12pt; FONT-FAMILY: times new roman, new york, times, serif"><BR> <DIV style="FONT-SIZE: 13px; FONT-FAMILY: arial, helvetica, sans-serif">----- Original Message ----<BR>From: Paul Wall <pauldotwall@gmail.com><BR>To: Mark Foo <mark.foo.dog@gmail.com><BR>Cc: nanog@nanog.org<BR>Sent: Tuesday, September 23, 2008 5:46:58 PM<BR>Subject: Re: YAY! Re: Atrivo/Intercage: NO Upstream depeer<BR><BR>Hold the rejoicing, Atrivo is back, this time on UnitedLayer.<BR><BR>I'd contact them, only they seem to change CTOs every month or two,<BR>does anybody know who's currently in charge?<BR><BR>Thank you, and Drive Slow,<BR>Paul Wall<BR><BR></DIV></DIV></DIV></div><br>
</body></html> --0-593512929-1222225655=:9145--