Next Steps
Finding the source address of one or more attacking hosts might require considerable effort. Remember, too, that the majority of people who engage in unauthorized network activities exercise great care in covering their tracks. Assuming that you have discovered one or more source addresses, however, what are some logical next steps? This portion of the chapter explains possible subsequent courses of action.
Sending Email to abuse@
One course of action is to send email to abuse@<domainname> or possibly root@<domainname>. For example, if you discover that a particular IP address is within the aol.com domain, you can try to send mail to abuse@aol.com. Your message is likely to be received by someone who administers security in the domain ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
