Dear Fortune 50 companies,
If your proxy appliance appears to be leaking valid internal credentials to sites that you visit on the Internet i.e. passing Proxy-Authorization strings, you would like to know wouldn't you? I had such a case recently and when I tried to contact the company via the phone number listed for abuse with ARIN the not so friendly switchboard operator refused to connect me stating that "IT was a restricted department and she could not put me through to anyone without a name." So instead of a five minute phone call, I had to spend 30 minutes scrubbing packet data to remove the aforementioned base64 encoded password to send to your abuse@ e-mail in hopes that somebody would read it. So I ask you please to make sure that your ARIN information is correct and that somebody can actually get a hold of you when they need to.
Regards,
Will
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment