Does anyone else bother to look at the header, do a who is on the IP and notify the responsible party of the possible problem on their IP? I see the IPs in the e-mail headers so if someone was notified do you think they can find the actually infected user? Would they bother? I checked some of my border appliances and saw repeated scans on port 135 - when I tried to tell some of the ISPs who owned the IP block that I thought they might have the blaster worm, I met with hostile "abuse bots" telling me that I didn't send them enough info or I got no reply at all. I know I'd appreciate it if someone found that one of the systems in my network was compromised. Is anyone doing this at all? I mean could we find some of these computers with sobig and alert the cable company and they can call the user to get it stopped? I know this would be very time consuming, but even if we got a few....
Marc --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
