Maeglin (maeglin73) wrote,
Maeglin
maeglin73

  • Mood:
  • Music:

On Road Runner and anal sysadmins...

Two days ago I logged an attack attempt on my co-located server (excalibur) from a Road Runner customer somewhere near Wilmington, NC (according to the IP address, at least). Yesterday, I sent the following email to their abuse dept...
I logged a portscan, along with DNS, mail and web server probes, from a
customer of yours around noon EDT yesterday.  The source IP address was
66.56.205.51 (ilm56-205-051.ec.rr.com).  The attachment contains the part of
the system and web server logs showing when and what probes were attempted.
Your immediate action is appreciated.
Since the log excerpts were over half a meg in size, I zipped them up and sent them with that email. After all, whenever I'm being sent logs myself for something, it seems easier to deal with an attached file, compressed if it's something huge. Then again, that could be because most of those are Windows crash logs, which word wrap tends to destroy if they're just pasted into the email.

This morning, I got the following reply:
Road Runner will not accept logs that are not in plain text (ascii) 
format. Do not attach files to your e-mail. All logs must be included in
the body of the message.
Ok, I'm thinking... if they want to be that anal about it, I'll send them what they want... and so I did, all 600k of it, all in the body of the email for their beady eyes to peruse. I hope they're happy now :-)
Subscribe
  • Post a new comment

    Error

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 3 comments