From: Jared Mauch (no email)
Date: Fri Oct 26 2001 - 00:37:26 EDT
They should just implement it via a cgi on their webpage
where you can disable by your IP or some netblocks.
The other thing to do is to just rate-limit icmp and know
that their stats will be off/incorrect.
btw, 3 days does give them sufficent time to respond assuming you
were to send them something after COB on friday to respond by
monday. The encoding of the abuse info is better than those old +++ATH
On Thu, Oct 25, 2001 at 09:07:32PM -0700, Todd Suiter wrote:
> On Thu, 25 Oct 2001, Christopher Wolff wrote:
> > ---------- Original Message ----------------------------------
> > From: Sean Gleason <>
> > Date: Fri, 26 Oct 2001 01:02:21 +0000 (GMT)
> > At this point you can:
> > 1) Do nothing. Please accept our apologies and be assured that your
> > machines are not being pinged by a hostile party.
> Hostile is a matter of definition. For some of us, these would be another
> in the category of 'false positive' events that LOTs of us look at by
> hand. I may be nitpicking here, but every security/network person who
> takes time out of their schedule to analyze and dig into this 'test', is
> having their time wasted. And the several days time frame is just poor judgement.
-- Jared Mauch | pgp key available via finger from clue++; | http://puck.nether.net/~jared/ My statements are only mine.