TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:19184] compromised host netiquette
I would normaly contact the 2nd level domain admin.. using the whois
information, or I look to the their 2nd level domain web page, to see if
there are any contact phone numbers, or email's for such thing.. also
abuse@2ndlevel.dom is also common for ISP's
Thank You,
Ben Kochie (ben@nerp.net)
*-----------------------* [ - * - * - * - * - * - * - * - ]
| Unix/Linux Consulting | [ Haiku Error Message: ]
| PC/Mac Repair | [ Chaos reigns within. ]
| Networking | [ Reflect, repent, and reboot. ]
| http://nerp.net | [ Order shall return. ]
*-----------------------* [ - * - * - * - * - * - * - * - ]
"Unix is user friendly, Its just picky about its friends."
On Mon, 26 Jun 2000, Carl Wilhelm Soderstrom wrote:
> I seem to be getting portscans of my network from
> 166.49.72.158; which, when I nmap, shows up as
> 'live-split.wtn.rbn.com'. this seems to be one of Real Networks'
> servers.
>
> what's the proper netiquette for alerting some host that they might
> have been compromised?
>
> Carl Soderstrom
> _________________________________________
> Systems Administrator 307 Brighton Ave.
> Minnesota DHIA Buffalo, MN
> carls@agritech.com (763) 682-1091
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
>