Date: Wed, 03 May 2006 17:44:49 -0500 From: Andrew <andrew.chace@gmail.com> To: Robert Huff <roberthuff@rcn.com> Cc: questions@freebsd.org Subject: Re: Semi-OT: responding to attempted breakins Message-ID: <1146696290.3352.21.camel@LatitudeFC5.network> In-Reply-To: <17497.9228.336693.720080@jerusalem.litteratus.org> References: <17497.9228.336693.720080@jerusalem.litteratus.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2006-05-03 at 17:43 -0400, Robert Huff wrote: > As a result of installing new bits on my system, and paying > attention to old ones, I've noticed several attempted break-ins > which I currently believe have been unsucessful. > As I have the appropriate log files, I'd like to contact the > administrators and ISPs for the systems involved. Can someone > recommend a good response boilerplate - something that's concise, > informative, professional, friendly, and yet firm? > > > Robert Huff I'm sorry I can't. I did, however, want to interject my two cents here ;-). From a non-professional (i.e. student) viewpoint, it's been my experience that if I take the time to write a polite email, which includes relevant bits from my log files, to the admin for the IP in question asking them to look into it, they will usually take care of it. I suppose the appropriate response to this sort of situation depends on what your hosting. I run a web-server and SSH gateway for personal use, so although extremely annoying, it wouldn't be any big loss for me if it was cracked. I suppose you could always blacklist the domain in question, and see how long it takes for anyone to complain ;-).\ -Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1146696290.3352.21.camel>