Date: Sat, 21 Apr 2001 10:23:18 +0100 From: Lee Smallbone <lee@kechara.net> To: Jim Durham <durham@w2xo.pgh.pa.us> Cc: freebsd-security@freebsd.org Subject: Re[2]: Connection attempts Message-ID: <7432.010421@kechara.net> References: <Pine.BSF.4.21.0104231526270.27876-100000@w2xo.int>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Jim, Monday, 23 April 2001, you wrote: JD> On Mon, 23 Apr 2001, Michael S Scheidell wrote: >> In local.freebsd.security, you wrote: >> > >> >Script kiddies..just ignore it and get used to it. >> >> I don't suggest ignoring the 'kiddies' that walk down the street trying to >> see if my windows are open either. >> >> 80% of these systems have bveen compromized, and the owner doesn't even >> know it. >> >> Wouldn't you like to take these systems off the net? >> You want one of them to run against your system (if you miss a security >> bulitin?) >> >> its easy enough to log and alert the isp. >> >> JD> I don't know what you folks' experience has been, but I've had JD> almost no luck with alerting ISPs to these problems. A lot of JD> this stuff comes from Korea and Chekoslovokia and I get no JD> responses from the ISPs. You should see my intrusion database... 93% from Korea, Taiwan and the likes. The rest from interesting places such as Hungaria. There is never any response from ISPs. Solution a) grin and bare it (is that really a solution though?). Solution b) actively firewall connections from these places (blanket bans are never a great idea though.) Solution c) anyone? This could make for an interesting debate. Best regards, Lee Smallbone lee@kechara.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7432.010421>