On Fri, Aug 8, 2008 at 3:25 PM, Brad Wood <[EMAIL PROTECTED]> wrote: > Yeah, I'm well aware of the near impossibility of ever tracking IP address > to anything useful, but I'm a person who likes data, for within mounds of > useless data can be found trends. Most of all, I'm just curious. Also, I'd > like to explore the possibility of reporting compromised people to their > ISPs. Some US ISPs do have abuse policies that might cause them to pressure > their users to clean themselves. A number of these attacks could have come > from servers for all we know. Servers are desirable for Trojans due to > their fast internet connections and 24/7 uptime. > > ~Brad >
Once we followed around the IP addresses of what appeared to be a lone form stuffer. We began to ban any requests from his IP. Then 20-30 minutes later he would show up again with a different IP. Investigating his IP addresses showed him "coming" from Chili, Denmark, etc. So how is anyone going to be able to effectively communicate with these IPs to tell them about the compromised systems on their network? The problem becomes even more difficult to enforce since IPs don't necessarily want to offend their paying customers. Eric Pierce ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310571 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
