> Does anyone else bother to look at the header, do a who is on the IP and > notify the responsible party of the possible problem on their IP? I see the > IPs in the e-mail headers so if someone was notified do you think they can > find the actually infected user? Would they bother?
MY experience, I can't get the 4 or 5 people on our service to clean the viruses off their machines, I'm not going to waste my time trying to track who else is infected. A lot of people A: Don't care, or B: Don't know how to operate a computer, much less download a virus update, repair tool, etc. > I checked some of my border appliances and saw repeated scans on port 135 - > when I tried to tell some of the ISPs who owned the IP block that I thought > they might have the blaster worm, I met with hostile "abuse bots" telling me > that I didn't send them enough info or I got no reply at all. I know I'd > appreciate it if someone found that one of the systems in my network was > compromised. Is anyone doing this at all? I mean could we find some of > these computers with sobig and alert the cable company and they can call the > user to get it stopped? I know this would be very time consuming, but even > if we got a few.... In the end, all you can do is make sure your stuff is secure, and up to date, and working properly. As long as your virus scanner is catching them entering, your users should be safe. You could email til your hands fall off, I doubt it would make any noticable difference. =) Paul --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.