Thanks for any feedback
N
From: Gene <[EMAIL PROTECTED]>
To: netsec novice <[EMAIL PROTECTED]>
Subject: Re: Incident Response
Date: Thu, 05 Dec 2002 15:23:41 -0800
when you say scanned, what type of scan? if they are doing intrusive scan, i would go ahead and contact their administrator and explain to him about your concern, but make sure you have the data to back it up.
IH really depends on what type.
netsec novice wrote:
Every day we get scanned by various entities and some are more persistent than others. I'm looking for input on when most of you decide to send an e-mail or make contact with the person listed as abuse contact or responsible party according to whois for the source address. Since most are coming from overseas I haven't bothered figuring I wouldn't get a response anyway and was also concerned that initiating contact may make things worse. Scans seem fairly commonplace so I generally don't get alarmed. I'd love to hear about your practices for incident handling.
N
_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
-- Gene Yoo, [EMAIL PROTECTED]
_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
