Other than the possibility that such an abuser might hog bandwidth outside
your firewall in VictimLAN, why would you not just blacklist the bum or his
entire subnet/ISP and be done with it? I have several class C, some class B,
and a very few class A networks blocked completely since I never (!) saw any
traffic from them other than hostile. In addition, we automatically block a
dynamic list of individual addresses that I'd rather not communicate with.
Some of these addresses are surely spoofed, and some of the addresses within
the blocked networks are surely not hostile, but I'm still waiting for the
first complaint that I blocked one somebody needed.
Chuck Sterling
Magic is REAL, unless declared INTEGER.
> ----------
> From: Karim Amrani[SMTP:[EMAIL PROTECTED]]
> Reply To: [EMAIL PROTECTED]
> Sent: Thursday, June 15, 2000 7:16 AM
> To: fw mailing list
> Subject: Re: [FW1] hacker 194.73.175.25
>
> <<File: kamrani.vcf>>
> Hi,
>
> I agree with you for the 'I am in the pissed-off stage right now' part.
> Unfortunately, I did not have such wonderful results with emailing
> [EMAIL PROTECTED]
> The one that is really on my nerves right now is one of the main ISP in
> France
> (subsidiary of the original telco in France). They never respond to emails
> to
> [EMAIL PROTECTED] (that's their name) and are not able to answer you on the
> phone
> about that ('just customer support').
> The scans from their customers are occurring on a daily basis for over 9
> months.
>
> I'm not a big fan of retaliation but I'm not a big fan of being cornered
> either...
>
<snip>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
