Responding to Security Incidents

Posted on 2005-05-11
Last Modified: 2013-12-04
Hi everyone,

The network I am the admin of has had quite a few security breech attempts on it.
I have notcied that within the last few months attacks have become more frequent and the attacks are usually from the same two companies.

So I have decided its time I started emailing abuse@whatever, to report these incidents.
However scince this is my first time I dont know what to write in the email or what I should include.

The only things I can think to attach to the email are: firewall logs, whois, finger, nlslookup.

Can somone please show me a good template email I can send to these ISPs and also what to attach.


Question by:dr_binks
    LVL 12

    Accepted Solution

    You can visit the ISP website and see if they have their own faq for abuse reports.

    Here is a general guide:

    Hope this helps.
    LVL 23

    Expert Comment

    by:Mohammed Hamada
    Report the SPAM immediately! (within 48 hours). The older the SPAM the harder it is to try and trace the SPAMMER through server email logs.
    Please copy-and-paste both the headers and body of the offending email into a new email and send it to the target which you want to send the abuse.
    You normally do not see the headers of an email message when you are viewing it in an email program such as Outlook Express. However, this is the most important part of the email to send us, as it helps Your isp to try and track who the SPAMMER was.
    In outlook express, to view the entire email source (both the headers and body):
    Highlight the message in the message list, press [ctrl][F3] and a new window will open that contains both the headers and body.
    Press [ctrl][a] to select all the text in this window.
    Press [ctrl][c] to copy the text.
    Open a new message and press [ctrl][v] to paste the text into the body of your new message.
    Send the email to target.

    Good luck


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
    This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now