[nsp-sec] intercage/atrivo
Jose Nazario
jose at arbor.net
Mon Sep 22 11:24:36 EDT 2008
On Mon, 22 Sep 2008, Darren Grabowski wrote:
> I can say that without a shadow of a doubt that they will only act on
> complaints that they receive and will not actually go out looking for
> problems on their own network. I only sent PIE a portion of what I
> found or was reported, and sat on the rest of it. Shockingly enough (no,
> not really), they only got rid of the stuff I reported.
darren, a few things.
first, glad to hear that you got a bunch of info from folks.
secondly, their MO as i have seen it has been to tidy up the obvious
that's been pointed out but it will reappear soon, just in a slightly
different location.
thirdly, i am as guilty as many folks in not reporting stuff. i simply get
frustrated in building reports, mining for info, sending it off and seeing
nothing done about it. i'd rather protect the good guys by arming them
with knowledge to detect badness than to ask the bad guys to knock it off.
this is not a long term winning strategy, i know.
-------------------------------------------------------------
jose nazario, ph.d. <jose at arbor.net>
security researcher, office of the CTO, arbor networks
v: (734) 821 1427 http://asert.arbornetworks.com/
More information about the nsp-security
mailing list