Old Nick
 
Firewalls and reporting

On 2 May 2004 11:10:12 -0400, vaguely proposed a
theory
.......and in reply I say!:
remove ns from my header address to reply via email

> I believe you were talking about MyNetWatchman specifically.


Not exactly. I did ask for alternatives. Are there any? When you do it
yourself, email by email, hit by hit, newsgroups post by ng post, it
is simply time-consuming and disheartening.

I have even tried tracing stuff back, and usually end up at IANA (I
am no expert in this) who immediately have a huge statement saying
"It's not us!"

If MNWM and others like it are a waste of time, it looks pretty grim
from "my" side. I was hoping that there were orgs that had people far
more skilled than I am at tracing and understanding the web. While I
am willing to put in a lot of effort, I was fully aware of my
ignorance of the finer points, or anything like them.

Interestingly, my ISP, with whom I had developed quite a good rapport,
have said "Go ahead and USE MNWM, and we will get the reports
gladly". They recommend them.

> I wouldn't bother
> with them. As one of those on the "source ISP" end of things, we get notices
> from them often and they are useless. They report that someone with foo
> address tried to make a connection to baz address on this date. There isn't
> enough information in the reports to determine what was happening and why,
> so it gets ignored. Requests for more information from MyNetWatchman were
> also never answered.


hmmmm. That is a problem. From my side, when I tried to send the full,
unparsed firewall report, I was told it was "not in the right format
for auto investigation" and I was ignored. Both my ISP and their
backbone recommended that I use MNWM, or DSHIELD.


> MyNetWatchman doesn't seem to have any standards for how the firewalls it
> allows to report problems are configured. People just put them into ultra
> paranoid/delusional mode and report away. In this situation, a single
> mistyped address results in a flurry of reports back to the source ISP. I
> doubt any ISP takes these guys seriously.
>
> I wouldn't waste my money on them.


I haven't. They are free. G. I admit they ask for donations.

OK. What they do provide is a feeling that _somebody_ is doing
something. I can assure you that it's easy to NOT feel that, as a Net
user.

Your reply to Bruce, laying out actions you are taking, is
interesting. Perhaps more of that needs to be said publicly? But then
of course if there is not an instant improvement, people will say
"Yeah Yeah".

But at the moment the feeling that ISPs need a kick in the butt is
easy to build, justified or not, because there is a feeling of no
reaction at all, either to private attempts, or to reporting sites
like MNWM.

As a user, who wants to protect themselves, I have _absolutely_ no
idea, if I get a hit (and I have my firewall set to medium in most
cases) what damage it does, and do not have the time or the interest
to understand it all. I do have to admit that I have only had
firewalls for maybe a month, and before that I had noticed constant
activity, in little bits, on my Net activity monitor. Nothing much
ever happened. I would run a malware checker over the machine every
day, and pick up a few funnies and kill them. But of course I had no
idea what they had done in the meantime. One of them did bite, and it
was a right royal PITA.

If the info you get is useless or questionable, then maybe it's
because there is not enough communication between firewall makers,
MNWM and you guys? I say that because again, Users are going to be the
most numerous, capricious, lazy and hardest to teach. G?? I have no
idea HOW you filter a typo from a genuine problem, but I can assure
you that when I start getting 300 hits from one ISP each day, I KNOW
that's not typos.
****************************************************
The Met Bureau is LOVE!