On Tue, 23 May 2000 21:22:11 -0000, "Dawson, Peter D"
<Dawson(_dot_)Peter(_at_)emeryworld(_dot_)com> said:
lets say a non-student was naughty and was attacking the vt.edu network...
would you feel satisfied with the answer.. "we're aware of it and that
action is being taken as per our procedures".... knowing fully well that
the outage costs is running into a couple of millions on a single site ??
1) As a member of our local CIRT, let me assure you that although
that response usually doesn't give me warm fuzzies, hearing that
action *was* being taken, and being convinced that the people taking
the action were technically clued enough to do it, is at least
something. We recently had one incident, where the source site was
a smallish but not tiny ISP. Turned out they were more than willing
to help, but they were glad that they billed users a flat rate per
month because they didn't have a *clue* how to bill per hour of
connect time because they didn't know where their TAKAX (yes,
that's what they called it - took us a while to decipher it)
logs were going....
2) Much as I'd *love* to be really open with other sites who report
problems with our users, I'm certainly in no mood to have our
legal staff hassling me because I got the university into hot
water by releasing information we weren't allowed to release.
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech