Whether Covad chooses to enforce their AUP against port scanning is a business decision up to them. Again, why worry about things out of your control, especially when we are talking about port scanning. I would think people have more pressing issues, guess not.
-- Ross ross [at] dillio.net > > In message <20090312120816.b...@egps.egps.com>, "N. Yaakov Ziskind" > writes: >> JC Dill wrote (on Thu, Mar 12, 2009 at 09:02:25AM -0700): >> > Ross wrote: >> > >> > There seems to be a big misconception that he asked them to "hand >> over" >> > the info. As I read the OP, he asked Covad to do something about it >> > and Covad said "we can't do anything about it because we don't have >> > logs". Here's a quote from the OP: > > The real problem is that Covad claim (second hand) that they can't > identify the perpetrator(s). > > I've been nudging an operator at Covad about a handful of > hosts from his DHCP pool that have been attacking - > relentlessly port scanning - our assets. I've been informed > by this individual that there's "no way" to determine which > customer had that address at the times I list in my logs - > even though these logs are sent within 48 hours of the > incidents. > > One shouldn't need to have to get the indentities of the perpetrators > to get AUP enforced. Port scanning is against 99.9% of AUP's. > > Mark > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org > >