I'm not considering it, unless it is REALLY justified. In my case I have a
small bandwidth that I pay a lot (64kbps USD4500/month). People not patching
their servers cost me a lot of money.
In other hand, I think IDS software should report not only the problem, but
also information to the human on how to tackle the problem. When you see a
problem with an IP reported by IDS, then you have to investigate yourself
(host, network,...). If it was done automatically for you then you would
have information to take a decision: who to e-mail, what to e-mail, should I
e-mail or call the FBI or do nothing,...
Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: franck(_at_)sopac(_dot_)org <mailto:franck(_at_)sopac(_dot_)org>
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support FMaps: http://fmaps.sourceforge.net/
<http://fmaps.sourceforge.net/>
This e-mail is intended for its addresses only. Do not forward this e-mail
without approval. The views expressed in this e-mail may not be necessarily
the views of SOPAC.
-----Original Message-----
From: stanislav shalunov [mailto:shalunov(_at_)internet2(_dot_)edu]
Sent: Monday, 1 October 2001 3:55
To: Franck Martin
Subject: Re: Nimda virus and whois search...
Please seriously consider not sending automated email in this way.
You're not making matters better by creating a storm of email messages
in addition to an already existing storm of HTTP queries. Your
response might be worse than the original problem.
--
Stanislav Shalunov http://www.internet2.edu/~shalunov/
"You wake me up early in the morning to tell me I am right? Please
wait until I am wrong." -- John von Neumann, on being phoned at 10 a.m.