* Jakov Sosic <[EMAIL PROTECTED]> [2008-08-21 09:11-0400]: > On Thursday 21 August 2008 16:57:27 Max Zimmermann wrote: > > > The problem with reporting the IPs is, that it can become a very big > > task, as the number of IPs denyhosts blocks increases. > > You can always write a script that will send an email after every SSH > bruteforce attack to a mail address from whois database. That way you don't > have to do it manually, and still you can do some good deed if someone has a > server that's broken into, and is not (yet) aware of that.
You could use dronebl, a dnsbl service, to check against and report attacks to (http://headcandy.org/rojo/ for some examples using fail2ban). micah -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
