[83406] in North American Network Operators' Group
Re: botnet reporting by AS - what about you?
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Sat Aug 13 00:11:29 2005
Date: Sat, 13 Aug 2005 04:10:37 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to:
<A206819EF47CBE4F84B5CB4A303CEB7A5218E6@dul1wnexmb01.vcorp.ad.vrsn.com>
To: "Hannigan, Martin" <hannigan@verisign.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
On Sat, 13 Aug 2005, Hannigan, Martin wrote:
>
> I was on it and unsubscribed. They wouldn't disclose the collection or
> validation process at that time. This made it useless for the most part
> as its hard to act on someones word without some idea of how they are
> getting their data and avoiding collateral damage.
>
this was part of my point ;( It's hard to call up a customer and say:
"someone told me that you were bad, could you stop please?" normally they
hangup after saying something uncooth and about 'you are crazy'... :( I
may be crazy, but most of the abuse folks aren't.
there has to be complete info in the complaint:
1) logs
2) timestamps
3) timezones
they should be in some structured (see inch-wg/rid for some
almost-standards-based examples) text-based format that is easily parsable
by machines.
