[Gllug] re: virus spam - update
Russell Howe
rhowe at siksai.co.uk
Mon Dec 12 14:30:17 UTC 2005
On Thu, Nov 24, 2005 at 11:33:46AM +0000, t.clarke wrote:
> Hi
>
> Just to let you know the machine in question belongs to a a Dutch shipbuilding
> company - reimerswaal
>
> I contacted them - and yes, their machine has been compromised !!
Million dollar question is do they really care?
If it got compromised through their negligence, are they going to change
the way they work in order to prevent something like this happenning
again?
I still commend your efforts, even if I feel despondent as to the effect
they are likely to have.
Also, if you want a list of compromised hosts whose owners should be
told, well, I can probably get you a couple of hundred from today's mail
server & firewall logs...
There needs to be a reliable, traceable system for reporting such
things. It's plain that abuse@ email addresses just simply don't scale
to large ISPs.
I think that ARIN (or is it RIPE?) has altered their whois information
to more clearly include the abuse contacts, which I guess is a feeble
start...
--
Russell Howe | Why be just another cog in the machine,
rhowe at siksai.co.uk | when you can be the spanner in the works?
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list