Claer wrote: > On Fri, Jan 11 2008 at 24:11, Lars Nood?n wrote: ... >> Regarding the logs, one thing that worked in the past was giving the >> netblock owner a hard time. It's their responsibility. It's not too >> hard to make up a shellscript (or use another scripting language) which >> automates a daily report and the complaint. > > I always hesitate to use this trick. Could you please develop more the > implications of this method? Is it still effective?
Does it *still* work? I don't know yet, it looks like I will have to try it again though. Used to work well. But you have to establish responsiveness on the ISPs end first, usually by phone. e.g. Get a shrill, technically knowledgable woman to give them an earful a few times / break their balls. Giving the police report number helps. Once that is established then they'll be relieved to have the messages rather than the phone calls. I hadn't needed for a few years. Though back then, the number of attacks plummeted quickly. I suppose another option is to use pf to filter out all incoming traffic to the servers originating from Windows computers maybe except to relevant services like http port or https. If we could see a blanket ban on connecting Windows machines to the net, things would improve drastically. Regards -Lars
