[46310] in North American Network Operators' Group
RE: PacBell Security/Abuse contact
daemon@ATHENA.MIT.EDU (LeBlanc, Jason)
Mon Mar 25 15:24:03 2002
Message-ID: <30AEDFDE01F54A4582E1F69E78860D759F6E76@sjc-exm-18.corp.ebay.com>
From: "LeBlanc, Jason" <Jml@ebay.com>
To: 'Jon Mansey' <jon_mansey@verestar.com>,
"Cheung, Rick" <Rick.Cheung@NextelPartners.com>
Cc: nanog@merit.edu
Date: Mon, 25 Mar 2002 12:20:01 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Errors-To: owner-nanog-outgoing@merit.edu
I agree.
> -----Original Message-----
> From: Jon Mansey [mailto:jon_mansey@verestar.com]
> Sent: Monday, March 25, 2002 12:17 PM
> To: Cheung, Rick
> Cc: nanog@merit.edu
> Subject: Re: PacBell Security/Abuse contact
>=20
>=20
>=20
> UUnet, excellent responsive abuse team IMHO.
>=20
> jm
>=20
> On Monday, March 25, 2002, at 12:12 PM, Cheung, Rick wrote:
>=20
> > =A0=A0=A0=A0=A0=A0=A0 Does anyone have an opinion on a decent ISP =
out=20
> there that's=20
> > proven to work with the customer during a DDOS storm?
> >
> >
> > Rick Cheung
> >
> > -----Original Message-----
> > From: Jeremy T. Bouse [mailto:Jeremy.Bouse@undergrid.net]
> > Sent: Monday, March 25, 2002 2:46 PM
> > To: nanog@merit.edu
> > Subject: Re: PacBell Security/Abuse contact
> >
> >
> >
> > =A0=A0=A0=A0=A0=A0=A0 More specifically I belive this is a =
Distributed=20
> Reflection DoS
> > like what hit GRC.COM back on Jan 11th... Basically a flood of SYN
> > packets to well known ports from IPs which appear to be=20
> spoofed. I've
> > actually been riding it out now for over 2 weeks...
> >
> > =A0=A0=A0=A0=A0=A0=A0 The tech support is completely inept and =
trying to contact
> > security/abuse is pointless. Final realization of this was=20
> when I was
> > investigating another PacBell customers box which had been=20
> compromised
> > via another PacBell customer machine. After the forensics=20
> to get back
> > logs and track the intrusion I tried contacting PacBell to=20
> no avail and
> > then resulting it tryin to get in contact with their=20
> customer directly.
> > Which I managed to do and resolve the issue... I've never dealt =
with
> > such an inept company before.
> >
> > =A0=A0=A0=A0=A0=A0=A0 Jeremy
> >
> > On Mon, Mar 25, 2002 at 11:18:23AM -0800, Daniel M. Spielman wrote:
> > >
> > > At 11:11 PM 3/24/2002 -0800, you wrote:
> > >
> > > >=A0=A0=A0=A0=A0=A0=A0 Anyone have a telephone number that can =
reach a=20
> live person
> > > >within Pacific Bell's Security/Abuse department?=20
> PacBell's technical
> > > >support is completely inept with trying to help their=20
> customers when
> > > >under any form of network attack other than passing you=20
> to a toll-free
> > > >number which informs you to send email to an address=20
> that goes without
> > > >answer.
> > > >
> > > >=A0=A0=A0=A0=A0=A0=A0 Respectfully,
> > > >=A0=A0=A0=A0=A0=A0=A0 Jeremy T. Bouse
> > > >=A0=A0=A0=A0=A0=A0=A0 UnderGrid Network Services
> > >=A0=A0=A0=A0=A0=A0=A0=A0 I've had a similar experience with their =
tech=20
> team. I was being
> > > dos'd from a college in Chicago so I contacted them to=20
> have it filtered=20
> > out
> > > and they had no idea what I meant. They suggested I email=20
> the Admin at=20
> > the
> > > college to get it resolved. I started screaming at them=20
> how am i going=20
> > to
> > > email someone when I am being=A0 attacked. Then they=20
> transferred me to=20
> > their
> > > supervisor who was even more inept then they were.=20
> Frankly i gave up and
> > > just waited out the dos attack which lasted 2 1/2 days.
> > >
> >
>=20
