On Wed, 9 Jun 2004, Tris Forster wrote: > With a ridiculous number of Somefools arriving at our server daily I was > trying to think of a proactive way do deal with them. > > One possible solution I came up with was sending winpopups to the > offending IP informing them that they are infected (there's a pretty > good chance they'll get through as the infected machine is most likely > not firewalled). > > While the aim of doing this may be completely honourable, sending > winpopups to a non-firewalled machine stinks of spamming and thus I am > in two minds about putting it into practice
We recently had our mailserver being repeatedly hit with virus traffic, which logs showed was coming mostly from a single IP. I contacted their ISP, and they really didn't care. So I sent a few popups to them, spaced several hours apart (so as not to be a nuisance) and the machine stopped its virus traffic in about 2 days. Automating this would be nice, but I didn't ever bother. Hard to imagine it breaking anything, though. And as long as it's sent in response to an attack (they punched you first!) and doesn't advertise anything, I don't think anyone could complain. Damian Menscher -- -=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| <[EMAIL PROTECTED]> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
