When we get something that looks automated, we send back a reply saying "We received this, if you'd like us to take action, please have a human reply." I've been thinking of instead having them send us a cryptographic hash of their message, saying that we MUST have all such notifications validated. I'd give them the URL to some page that would provide the hash, of course. Doug On Mon, 29 Dec 2003, Joel Jaeggli wrote:
if you automate abuse reporting you can basically assume that the reciver will automate abuse handling. since that has in fact happened as far as i can tell the probably of you automated asbuse replaies ever reaching a human who cares or can do something about it is effecetivly zero.
joelja
On Mon, 29 Dec 2003, Jason Lixfeld wrote:
We're a small company but none the less are inundated with firewall logs reporting numerous attempts to find holes in our network; c'est la vie. Seeing as how we are small, we don't have the resources to go through and send emails off to the abuse departments of each network sourcing the probes. Question is: Has there been development of some sort of intelligent unix land app that can understand Cisco syslog output, find the abuse departments of the sourcing networks and send them off a nice little FYI?
-- -------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2