Network Abuse
I can help handle these network abuse issues:
Bandwidth-based, externally originating DoS attacks: Provided
your router is a Cisco, I can figure out what is happening, and help
get the effects of the attack stopped. Sometimes, the attacking network
or machine can be identified.
Packet attacks against one machine: If someone is repeatedly
crashing one of your machines or preventing it from accepting
new connections, the nature of the attack can usually be identified and the attack blocked.
Sometimes, the attacking network or machine can be identified.
Unix machine compromises: If you have a Linux server that
someone unwanted appears to have gotten into, I may be able to get him
out, depending on how far the cracker got in, what preparations you made
beforehand for this kind of problem, and what kind of cracker it appears
to be. If your particular cracker appears to have gone too far in for me
to reliably remove, and you do not want to re-install your machine from
scratch, I can refer you to a Unix security specialist who is very likely
to be able to get the cracker out for you. Sometimes, the machine that the
cracker used to compromise or utilize your machine can be identified.
Windows machine compromises: If you have a Windows machine
that appears to be compromised, I can use your Cisco router to look at
what kind of traffic is coming into it and going out of it, and can identify
the ports on which it is accepting connections. If this information is
not enough to help you get your Windows machine fixed, or if you need someone
who can help with the actual administration or repair of the machine, we
can find a Windows specialist to help you (I do not do Windows administration).
Outbound Spam Email: If you need to prevent your users from
sending spam email, and they are doing it directly from dial-up connections
into your network, bypassing your mail server completely (as many professional
spammers do), we can stop them using your Cisco router's packet filtering
abilities.
Inbound Spam Email: If your network is getting a lot of
spam email and you have a Linux-based mail server, I can help you investigate
whether there are additional anti-spam solutions available for your mail
platform and application. I can help implement most sendmail-based solutions.
Evil Users: If you have something going on that isn't mentioned
here, ask me about it.