[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Abuse Desks
Good thing I care, but that's missing the point here - the volume of abuse requests makes the entire abuse system
unworkable. Not for me so much, I can deal with the volume (a few obnoxious individuals aside), but AWS/OVH/Hertzner
appear to have decided they cannot, and that means I can't contact them if there's something more serious going on.
I highly doubt so many folks "don't care" about potentially compromised hosts, in fact I know for sure several of them
have deployed a number of full-time staff to build solutions to monitor for such things. The fact that those solutions
often don't involve their abuse system should tell us something.
Matt
On 4/29/20 3:44 AM, Dan Hollis wrote:
> On Tue, 28 Apr 2020, Matt Corallo wrote:
>> Sadly dumb kids are plentiful. If you have to nag an abuse desk every time they sell a server to a kid whoâ??s
>> experimenting with nmap for the first time then.... weâ??ll end up exactly where we are - abuse contacts are not a
>> reliable way to get in touch with anyone, and definitely not a reliable way to do so fast or with any reasonably large
>> network. Please donâ??t clog the otherwise-useful system.
>
> compromised servers on your infrastructure hosting nigerian criminals look much the same as a script kiddie
> experimenting with nmap.
>
>> If you have trouble sleeping at night, Iâ??d recommend the â??PasswordAuthentication noâ?? option in sshd_config.
>
> you either care about reports of potentially compromised hosts on your infrastructure or you don't.
>
> -Dan
- References:
- Abuse Desks
- From: muks at mukund.org (Mukund Sivaraman)
- Abuse Desks
- From: nanog at as397444.net (Matt Corallo)
- Abuse Desks
- From: goemon at sasami.anime.net (Dan Hollis)