I'm not considering it, unless it is REALLY justified. In my case I have a small bandwidth that I pay a lot (64kbps USD4500/month). People not patching their servers cost me a lot of money.
In other hand, I think IDS software should report not only the problem, but also information to the human on how to tackle the problem. When you see a problem with an IP reported by IDS, then you have to investigate yourself (host, network,...). If it was done automatically for you then you would have information to take a decision: who to e-mail, what to e-mail, should I e-mail or call the FBI or do nothing,... Franck Martin Network and Database Development Officer SOPAC South Pacific Applied Geoscience Commission Fiji E-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> Web site: http://www.sopac.org/ <http://www.sopac.org/> Support FMaps: http://fmaps.sourceforge.net/ <http://fmaps.sourceforge.net/> This e-mail is intended for its addresses only. Do not forward this e-mail without approval. The views expressed in this e-mail may not be necessarily the views of SOPAC. -----Original Message----- From: stanislav shalunov [mailto:[EMAIL PROTECTED]] Sent: Monday, 1 October 2001 3:55 To: Franck Martin Subject: Re: Nimda virus and whois search... Please seriously consider not sending automated email in this way. You're not making matters better by creating a storm of email messages in addition to an already existing storm of HTTP queries. Your response might be worse than the original problem. -- Stanislav Shalunov http://www.internet2.edu/~shalunov/ "You wake me up early in the morning to tell me I am right? Please wait until I am wrong." -- John von Neumann, on being phoned at 10 a.m.
