[31614] in North American Network Operators' Group
Re: Disabling QAZ (was Re: Port 139 scans)
daemon@ATHENA.MIT.EDU (Travis Pugh)
Sat Sep 30 11:44:17 2000
Date: Sat, 30 Sep 2000 11:42:23 -0400 (EDT)
From: Travis Pugh <tpugh@shore.net>
To: Jason Slagle <raistlin@tacorp.net>
Cc: Mike Lewinski <mike@rockynet.com>, nanog@merit.edu
In-Reply-To: <Pine.BSO.4.21.0009301112400.25207-100000@mail.tacorp.net>
Message-ID: <Pine.GSO.4.21.0009301133440.11807-100000@cider.ecosoft.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
I think hosting a DDoS tool or disruptive trojan is a violation of my
AUP. I've only found one copy on a customer network, but they seem to
respond well to the "run this .reg file and remove this file to clean your
box or we'll pull the plug" email ... it really doesn't seem to be the
ISPs job to clean our customer's machines, but it is our job to enforce
acceptable use policies. Why not use that, and leave it up to the
customer to comply or not (with the documented penalties for
noncompliance).
-travis
On Sat, 30 Sep 2000, Jason Slagle wrote:
>
> What about saying that the port 7759 connection is an attempt to authorize
> a user connecting to your port 139?
>
> Jason
>
> ---
> Jason Slagle - CCNA - CCDA
> Network Administrator - Toledo Internet Access - Toledo Ohio
> - raistlin@tacorp.net - jslagle@toledolink.com - WHOIS JS10172
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.12 GE d-- s:+ a-- C++ UL+++ P--- L+++ E- W- N+ o-- K- w---
> O M- V PS+ PE+++ Y+ PGP t+ 5 X+ R tv+ b+ DI+ D G e+ h! r++ y+
> ------END GEEK CODE BLOCK------
