On Wed, 3 May 2006, Robert Huff wrote:
As a result of installing new bits on my system, and paying
attention to old ones, I've noticed several attempted break-ins
which I currently believe have been unsucessful.
As I have the appropriate log files, I'd like to contact the
administrators and ISPs for the systems involved. Can someone
recommend a good response boilerplate - something that's concise,
informative, professional, friendly, and yet firm?
I've been pretty religious about "responsible reporting" for about 6
months now, reporting all ssh (and recently FTP) attacks to the
originating ISP.
If I may, allow me to infer from your desire to be "firm" that you would
like to cause the behaviour stop, and to give you a piece of advice. I
believe that you will be very unhappy if you are reporting for that
reason. The attacks, probes, tests, attempts - all of them - aren't going
to stop, except by filtering those packets out through one mechanism (a
firewall) or another (disconnecting your 'net connection). You will end
up bailing water with a teaspoon.
/-------------------------------------------------------------------------/
He's the kind of guy, that, well, if you were ever in a jam he'd be
there ... with two slices of bread and some chunky peanut butter.
finger://[EMAIL PROTECTED]
http://www.ephemeron.org/~bigby/
irc://irc.ephemeron.org/#the_pub
news://news.ephemeron.org/alt.lemurs
/-------------------------------------------------------------------------/
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
