|Nimda/Code Red Attacks|
Actually, the most likely explanation is that you visited our site and ran either the Nimda or Code Red self test. These self tests check to see if your system is either vulnerable to these worms, or possibly already infected. As a result, the signature they leave in log files is very similar to actual Nimda or Code Red attacks.
|Port Scans and other Security Attacks|
No - we're not attacking you. In fact, we will not even scan you without your pre-authorized approval to do so. The most likely reason for the scan showing up in your logs is that a user at the IP in question ran an audit of that system via our security auditing services. The most common cause for complaint here is that users sitting behind a NAT device (such as a firewall) will not realize that when they run the audit, it is the NAT device that is being tested, not their actual desktop system from where they are browsing (despite our attempts to warn them of that possibility.) Then you, the admin, come along and sees the attack signatures and comes to us.
If you see a scan coming from us, check to see if a user at the IP in question requested an audit. If you have a NAT device, check to see if a user behind the NAT device requested an audit that inadvertly resulted in the NAT device being audited.
|Web Server Queries|
Please note: the removal requests are case sensitive, and will NOT tell you if your email is on the list or not (otherwise malicious users could use it to determine our list members). If you don't get a confirmation request by email within a couple minutes, then you didn't enter your email correctly, or specified the wrong list for removal.
|Submitting a Complaint|
For security issues, we request that you specify the IP address involved, the exact time of the incident, and if possible, include a log extract. Please note that we run a LOT of security audits. Please specify the time as accurately as possible. All of our system clocks are synced regularly with an error margin of no more than one second, so if you can provide an accurate time log, we'll be able to tell you very quickly why our systems are contacting yours.
Our contact information is as follows:
Email: contact <at> securityspace <dot> com Telephone: (905) 304-6922 Toll free: 1-800-799-4831 (North America only) Address: E-Soft Inc. c/o SecuritySpace Fiddlers Green Postal Outlet P.O. Box No 81212 Ancaster, ON L9G 4X2 Canada