Abuse reports

PCHoldmannPCHoldmann Member Posts: 450
Does anyone know what higher authority a person can go to if there has been abuse (port scans, etc.) from a provider's network, and the provider has not stopped the offender? BTW, this is a US provider.

Thanks!

Peter
There's no place like ^$
Visit me at Route, Switch, Blog

Comments

  • forbeslforbesl Member Posts: 454
    Go to http://ws.arin.net/cgi-bin/whois.pl, type in the IP address of the offender. Within the search results you should see the following:

    OrgAbuseHandle: ABUSE10-ARIN
    OrgAbuseName: Abuse
    OrgAbusePhone: +1-703-345-3416
    OrgAbuseEmail: [email protected]

    Pay no attention to the actual handle, name, phone, and email I have listed here. That's just an example I pulled up from a host registered with Road Runner LLC.
  • !30!30 Member Posts: 356
    I think you mean : http://ws.arin.net/cgi-bin/whois.pl

    Your link has a "," , and maked it not working , just for begginers icon_lol.gif
    Optimism is an occupational hazard of programming: feedback is the treament. (Kent Beck)
  • PCHoldmannPCHoldmann Member Posts: 450
    I did that, contacted the ISP, and the activity stopped briefly, restarted and wasn't stopped again, even after contacting the ISP again.
    There's no place like ^$
    Visit me at Route, Switch, Blog
  • forbeslforbesl Member Posts: 454
    I hear ya. Unfortunately many times that activitiy is coming from a spoofed IP addresess(es). If that is the case, there is nothing the service provider can do.

    The best thing to do is make sure you have good perimeter security. If possible at a minimum, make sure your perimeter device is set to block all of that traffic. The next best thing to do if you have a cisco router is flash it with the IOS firewall feature set and implement CBAC on it. If this is a home connection, get yourself a router/firewall that uses stateful packet inspection (SPI). Linksys and Netgear make some good ones.
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    PCHoldmann has been around the block a few times, I am sure he has all those precautions in place. If your ISP won't address the issue, then the only thing you can do is change providers.
    All things are possible, only believe.
  • forbeslforbesl Member Posts: 454
    sprkymrk wrote:
    PCHoldmann has been around the block a few times, I am sure he has all those precautions in place. If your ISP won't address the issue, then the only thing you can do is change providers.

    My main point is that if you have your perimeter secured (properly), you don't have to worry about any unauthorized scanning.

    Is there a full moon out or something? Sure seem to have a lot of short tempers today....
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    forbesl wrote:
    sprkymrk wrote:
    PCHoldmann has been around the block a few times, I am sure he has all those precautions in place. If your ISP won't address the issue, then the only thing you can do is change providers.

    My main point is that if you have your perimeter secured (properly), you don't have to worry about any unauthorized scanning.

    Is there a full moon out or something? Sure seem to have a lot of short tempers today....
    I agree with you on that, I wasn't mad when I wrote my response.
    When I'm mad, I type faster. That's how you can tell. icon_lol.gif
    All things are possible, only believe.
Sign In or Register to comment.