Usenet postings that violate the AUP | Usenet abuse reports should contain the following information: - Section of charter or FAQ showing how this post is in violation (when available)
- Full Usenet header showing the offending Cox IP as NNTP posting host
- Full body of post showing commercial advertisement or other abusive content
Refer to Abuse Submission Guidelines. |
Malicious system probes to services not being offered | Firewall logs of malicious system probes (port scans) should contain the following information in plain text - no screen shots, spreadsheets, or other binary attachments: - Cox-owned source IP address
- Destination IP address
- Source port of attempted connection (when applicable)
- Destination port of attempted connection (when applicable)
- Protocol of intended connection
|
Unauthorized accesses from a Cox-owned IP (hacking/cracking) | Logs of unauthorized access should contain the following information in plain text: - Evidence of intrusion by a Cox-owned IP
- Methods used to gain access to secure systems (if available)
- Accurate time stamped logs (firewalls, various servers, IDS, honeypots)
- Systems that were compromised by user at this address
|
Web-server or Web-forum abuse | Web-server logs should contain the following information in plain text: - Explanation of how your web-server is being affected by a Cox-owned IP
- URL being requested by the IP
- Program being reported as requesting data (browser)
|
Mail Server (SMTP) Abuse | Mail-server logs should contain the following information in plain text: - Cox-owned IP address attempting to relay through mail server
- All email addresses involved
- Subject and body of emails when available
- Attempted (successful or unsuccessful) authentication
|
File-sharing / Copyright infringements | - All copyright infringement notifications should be reported following the protocols and procedures set forth in the Digital Millennium Copyright Act. Other reports of copyright infringement may result in action being taken only if/when the material is still accessible using standard protocols at the time the report is processed. Copyright holders who wish to submit reports regarding intellectual property infringements should research and conform to the DMCA practices.
- To be effective under the DMCA, the notification must (i) be in writing, and (ii) provided to Cox's registered DMCA agent at dmca@cox.com.
- For such a report to be effective under the DMCA, the notification must include the following:
- A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
- Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single Notification, a representative list of such works at that site.
- Identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit the Service Provider to locate the material.
- Information reasonably sufficient to permit the Service Provider to contact the complaining party, such as an address, telephone number, and if available, an electronic mail address at which the complaining party may be contacted.
- A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
- A statement that the information in the Notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
|
Residential Users offering services (FTP, SMTP, HTTP) in violation of the AUP | If you believe a Cox residential user has placed a server of any kind on the network through their cable modem, we would like to hear about it. Logs should contain the following information in plain text: - Type of servers and services (including gaming servers)
- Services / materials being offered (with logs when applicable)
- Any available visitor/anonymous passwords necessary to access the servers
|
Internet Relay Chat (IRC) and other chat-room abuse | Logs should contain the following information in plain text: - Full description of incident
- Output of the “/whois” command on the nickname of the offender (if available)
- All known handles/nicks of this user
- Full transcripts of any chat sessions including threats/harassment
- Other relevant information supported with evidence
|