[46321] in North American Network Operators' Group
RE: PacBell Security/Abuse contact
daemon@ATHENA.MIT.EDU (Joe Blanchard)
Mon Mar 25 18:20:32 2002
Message-ID: <E9BBE0941932D511934C0002A52CDB4E0127F80F@sj-exchange.wyse.com>
From: Joe Blanchard <jblanchard@wyse.com>
To: nanog@merit.edu, "'Jeremy T. Bouse'" <Jeremy.Bouse@undergrid.net>
Date: Mon, 25 Mar 2002 15:13:24 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C1D452.A9F224F0"
Errors-To: owner-nanog-outgoing@merit.edu
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C1D452.A9F224F0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Pacbell's Abuse/Security Depts are totally useless with regard
to assisting its own customers, let alone defending them.=20
For the better portion of a few months now, I've=20
emailed/called many times with regard to CodeRed boxes (On=20
their netblocks) and have yet to see them take any action.=20
Anyone I talked with there indicated, after giving them the offending =
IPs,
that someone would contact the customer and get it resolved. To date
nothing has been done. I still see the same anonying IPs looking for
codered stuff on my Apache systems. I won't even get started about the
Caymen routers that have no password set on them, and the list of 30
of them I emailed to thier NOC/Abuse and a sales rep. That was over
3 months ago, and still they seem to be wide open, at least a few (I =
suspect
someone changed them, probably were hacked given this amount=20
of time.)=20
I can understand their wanting to keep their customers anonymousness,=20
but if they won't followup with them to (in this case help themselves)
erraticate=20
infected boxes that are on their business customer's DSL, doesn't that =
place
them in the area of liability? Don't know, Just my 2=A2s
-Joe
> ----------
> From: Jeremy T. Bouse[SMTP:Jeremy.Bouse@undergrid.net]
> Sent: Sunday, March 24, 2002 11:11 PM
> To: nanog@merit.edu
> Subject: PacBell Security/Abuse contact
>=20
>=20
> Anyone have a telephone number that can reach a live person
> within Pacific Bell's Security/Abuse department? PacBell's technical
> support is completely inept with trying to help their customers when
> under any form of network attack other than passing you to a =
toll-free
> number which informs you to send email to an address that goes =
without
> answer.
>=20
> Respectfully,
> Jeremy T. Bouse
> UnderGrid Network Services
>=20
------_=_NextPart_001_01C1D452.A9F224F0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3DUS-ASCII">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: PacBell Security/Abuse contact</TITLE>
</HEAD>
<BODY>
<BR>
<P> <FONT COLOR=3D"#0000FF" =
SIZE=3D2 FACE=3D"Arial">Pacbell's Abuse/Security Depts are totally =
useless with regard</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">to assisting its =
own customers, let alone defending them. </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">For the better =
portion of a few months now, I've </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">emailed/called many =
times with regard to CodeRed boxes (On </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">their netblocks) =
and have yet to see them take any action. </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">Anyone I talked =
with there indicated, after giving them the offending IPs,</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">that someone would =
contact the customer and get it resolved. To date</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">nothing has been =
done. I still see the same anonying IPs looking for</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">codered stuff on my =
Apache systems. I won't even get started about the</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">Caymen routers that =
have no password set on them, and the list of 30</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">of them I emailed =
to thier NOC/Abuse and a sales rep. That was over</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">3 months ago, and =
still they seem to be wide open, at least a few (I suspect</FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">someone changed =
them, probably were hacked given this amount </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">of time.) </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">I can understand =
their wanting to keep their customers anonymousness, </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">but if they won't =
followup with them to (in this case help themselves) erraticate </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">infected boxes that =
are on their business customer's DSL, doesn't that place </FONT>
<BR><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">them in the area of =
liability? Don't know, Just my 2¢s</FONT>
</P>
<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">-Joe</FONT>
</P>
<UL>
<P><FONT SIZE=3D2 FACE=3D"MS Sans Serif">----------</FONT>
<BR><B><FONT SIZE=3D2 FACE=3D"MS Sans Serif">From:</FONT></B> =
<FONT SIZE=3D2 FACE=3D"MS Sans Serif">Jeremy T. =
Bouse[SMTP:Jeremy.Bouse@undergrid.net]</FONT>
<BR><B><FONT SIZE=3D2 FACE=3D"MS Sans Serif">Sent:</FONT></B> =
<FONT SIZE=3D2 FACE=3D"MS Sans Serif">Sunday, March 24, 2002 11:11 =
PM</FONT>
<BR><B><FONT SIZE=3D2 FACE=3D"MS Sans Serif">To:</FONT></B> =
<FONT SIZE=3D2 FACE=3D"MS Sans =
Serif">nanog@merit.edu</FONT>
<BR><B><FONT SIZE=3D2 FACE=3D"MS Sans Serif">Subject:</FONT></B> =
<FONT SIZE=3D2 FACE=3D"MS Sans =
Serif">PacBell Security/Abuse contact</FONT>
</P>
<BR>
<P> <FONT SIZE=3D2 =
FACE=3D"Arial">Anyone have a telephone number that can reach a live =
person</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">within Pacific Bell's Security/Abuse =
department? PacBell's technical</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">support is completely inept with =
trying to help their customers when</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">under any form of network attack =
other than passing you to a toll-free</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">number which informs you to send =
email to an address that goes without</FONT>
<BR><FONT SIZE=3D2 FACE=3D"Arial">answer.</FONT>
</P>
<P> <FONT SIZE=3D2 =
FACE=3D"Arial">Respectfully,</FONT>
<BR> <FONT SIZE=3D2 =
FACE=3D"Arial">Jeremy T. Bouse</FONT>
<BR> <FONT SIZE=3D2 =
FACE=3D"Arial">UnderGrid Network Services</FONT>
</P>
</UL>
</BODY>
</HTML>
------_=_NextPart_001_01C1D452.A9F224F0--
