From owner-freebsd-isp Sun Jan 26 13:09:22 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA24343 for isp-outgoing; Sun, 26 Jan 1997 13:09:22 -0800 (PST) Received: from kirk.edmweb.com (kirk.edmweb.com [204.244.190.1]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA24338 for ; Sun, 26 Jan 1997 13:09:19 -0800 (PST) Received: from bitbucket (bitbucket.edmweb.com [204.244.190.9]) by kirk.edmweb.com (8.8.5/8.7.3) with ESMTP id NAA06854; Sun, 26 Jan 1997 13:09:08 -0800 (PST) Received: from localhost by bitbucket with smtp id m0vobp7-000CGkC (Debian Smail-3.2 1996-Jul-4 #2); Sun, 26 Jan 1997 13:09:09 -0800 (PST) Date: Sun, 26 Jan 1997 13:09:06 -0800 (PST) From: Steve X-Sender: steve@bitbucket Reply-To: Steve To: Blaine Minazzi cc: ISP@FreeBSD.org Subject: Re: phf exploit and other goodies... In-Reply-To: <32EBB1F1.48CBD854@denverweb.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk > I would like some input as to how other ISP,s deal with attempted > hacks of their system? For an ordinary little phf probe from some h4ck3r-wannabe, I might let it slide. If it's something more determined, or if it's coming from a host that shouldn't have regular lusers on it, then definately inform root or postmaster at that site and the technical people for that domain and network, as listed in the whois database. Not all hackers are clueless wannabees. Once root is cracked, it's possible to be completely invisible on that system. The legitimate operators of the host have a right to know what their resources are being used for. If you don't tell them, they might never know.