[46308] in North American Network Operators' Group
Re: PacBell Security/Abuse contact
daemon@ATHENA.MIT.EDU (Jon Mansey)
Mon Mar 25 15:18:06 2002
Date: Mon, 25 Mar 2002 12:17:02 -0800
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Mime-Version: 1.0 (Apple Message framework v481)
Cc: nanog@merit.edu
To: "Cheung, Rick" <Rick.Cheung@NextelPartners.com>
From: Jon Mansey <jon_mansey@verestar.com>
In-Reply-To: <5B2BB95CB505D5119D480002A534919501056430@mnmtkex3.nextelpartners.com>
Message-Id: <447C6CF8-402D-11D6-A14A-003065477C74@verestar.com>
Content-Transfer-Encoding: quoted-printable
Errors-To: owner-nanog-outgoing@merit.edu
UUnet, excellent responsive abuse team IMHO.
jm
On Monday, March 25, 2002, at 12:12 PM, Cheung, Rick wrote:
> =A0=A0=A0=A0=A0=A0=A0 Does anyone have an opinion on a decent ISP out =
there that's=20
> proven to work with the customer during a DDOS storm?
>
>
> Rick Cheung
>
> -----Original Message-----
> From: Jeremy T. Bouse [mailto:Jeremy.Bouse@undergrid.net]
> Sent: Monday, March 25, 2002 2:46 PM
> To: nanog@merit.edu
> Subject: Re: PacBell Security/Abuse contact
>
>
>
> =A0=A0=A0=A0=A0=A0=A0 More specifically I belive this is a =
Distributed Reflection DoS
> like what hit GRC.COM back on Jan 11th... Basically a flood of SYN
> packets to well known ports from IPs which appear to be spoofed. I've
> actually been riding it out now for over 2 weeks...
>
> =A0=A0=A0=A0=A0=A0=A0 The tech support is completely inept and trying =
to contact
> security/abuse is pointless. Final realization of this was when I was
> investigating another PacBell customers box which had been =
compromised
> via another PacBell customer machine. After the forensics to get back
> logs and track the intrusion I tried contacting PacBell to no avail =
and
> then resulting it tryin to get in contact with their customer =
directly.
> Which I managed to do and resolve the issue... I've never dealt with
> such an inept company before.
>
> =A0=A0=A0=A0=A0=A0=A0 Jeremy
>
> On Mon, Mar 25, 2002 at 11:18:23AM -0800, Daniel M. Spielman wrote:
> >
> > At 11:11 PM 3/24/2002 -0800, you wrote:
> >
> > >=A0=A0=A0=A0=A0=A0=A0 Anyone have a telephone number that can =
reach a live person
> > >within Pacific Bell's Security/Abuse department? PacBell's =
technical
> > >support is completely inept with trying to help their customers =
when
> > >under any form of network attack other than passing you to a =
toll-free
> > >number which informs you to send email to an address that goes =
without
> > >answer.
> > >
> > >=A0=A0=A0=A0=A0=A0=A0 Respectfully,
> > >=A0=A0=A0=A0=A0=A0=A0 Jeremy T. Bouse
> > >=A0=A0=A0=A0=A0=A0=A0 UnderGrid Network Services
> >=A0=A0=A0=A0=A0=A0=A0=A0 I've had a similar experience with their =
tech team. I was being
> > dos'd from a college in Chicago so I contacted them to have it =
filtered=20
> out
> > and they had no idea what I meant. They suggested I email the Admin =
at=20
> the
> > college to get it resolved. I started screaming at them how am i =
going=20
> to
> > email someone when I am being=A0 attacked. Then they transferred me =
to=20
> their
> > supervisor who was even more inept then they were. Frankly i gave =
up and
> > just waited out the dos attack which lasted 2 1/2 days.
> >
>
