How about contacting their upstream ISP that is connecting them to the net and demanding they do something about attacking your systems. See if you can get them cut off the net by the possibility of lawsuit for damages and costs incurred to to their negligence. > > > Most companies caught with their pants around their ankles always use > the 'legal action' response. > > Nobody likes to admit that they missed something, or fscked up in some > way. Over the years I've found that admins (especially those reponsible > for network security) fall into two categories: > > 1) They are kick-ass, up-to-date, open to suggestions and make their > employers glad they hired them... not to mention like to spread their > wealth of knowledge around and learn at the same time. These types > typically get 'lunch on the boss' frequently. :-) > > or > > 2) They are slow-to-move, generally reactive as opposed to proactive and > tend to belittle anyone who tries to help them with an obvious problem. > Generally these types have large egos and small brains. *grin* They are > typically the most tech-fluent person in their comapny, and usually what > they say goes. God help anyone who wants to 'show them the light' or > interrupt their IRC session/Quake Match. > > I have stopped contacting these Code-Red victims for a for reasons. > > 1) I don't have time to play security cop for these places. > 2) I don't want any possible legal action against me for being a good > samaritan. > 3) I'm now under the opinion that if you run M$ server software and > don't take the responsibility (or follow up with those that do) to > install security patches for a worm that is broadcast on CNN every > night, you deserve all the trouble you're incurring/causing. > > I'll be sleeping in my bed, dreaming of Kernel 3.0 and IPv6. LOL > > > > ~ Gary ~ > > On 08 Aug 2001 13:41:13 -0700, Kim Allen wrote: > > I've been contacting the sites that my server logs shows that have been > > hitting me with the code red signature and so far no one has bothered to > > respond except for one. However that site has told me how secure they are > > and how there is no way that they have any problems. When I sent them the > > portions of my server logs showing they do have problem they threaten > > legal action. Anyone else have had this type of response?