[nsp-sec] intercage/atrivo
Jared Mauch
jmauch at us.ntt.net
Mon Sep 22 13:13:54 EDT 2008
On Mon, Sep 22, 2008 at 11:24:36AM -0400, Jose Nazario wrote:
> ----------- nsp-security Confidential --------
>
> On Mon, 22 Sep 2008, Darren Grabowski wrote:
>
>> I can say that without a shadow of a doubt that they will only act on
>> complaints that they receive and will not actually go out looking for
>> problems on their own network. I only sent PIE a portion of what I
>> found or was reported, and sat on the rest of it. Shockingly enough
>> (no, not really), they only got rid of the stuff I reported.
>
> darren, a few things.
>
> first, glad to hear that you got a bunch of info from folks.
>
> secondly, their MO as i have seen it has been to tidy up the obvious
> that's been pointed out but it will reappear soon, just in a slightly
> different location.
>
> thirdly, i am as guilty as many folks in not reporting stuff. i simply
> get frustrated in building reports, mining for info, sending it off and
> seeing nothing done about it. i'd rather protect the good guys by arming
> them with knowledge to detect badness than to ask the bad guys to knock
> it off. this is not a long term winning strategy, i know.
Has anyone been working with LE on this?
(private or pgp encrypted responses acceptable).
- Jared
--
Jared Mauch | I work for but do not always represent NTT America
list admin | +1 313 506 4307 * send list policy questions to
| nsp-security-owner at puck.nether.net
More information about the nsp-security
mailing list