Re: What to do with attackers?
On Friday 04 November 2005 11:15, Jon Dowland wrote:
>On Fri, Nov 04, 2005 at 09:30:30AM -0500, Gene Heskett wrote:
>> Sorry, I don't agree. Rejecting the attackers packets just confirms
>> that you are indeed there.
>
>Unless you are rejecting all traffic on all ports (so that rules out any
>server then) they'll know you are there anyway.
>
>> 2 of those got past iptabes because they came from a verizon dns
>> server I was using but had been kitted. I send vz a nastygram, and
>> they re-image the box till the next time.
>
>I remember you writing this in a previous message. Quite an interesting
>entry-vector!
Yup, it got to where I had to put that address into the
portsentry.ignore file, else I kept losing my dns with no clue why.
The 2nd, backup server, they run was never accessed that I know of.
>--
>Jon Dowland
>http://jon.dowland.name/
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
99.35% setiathome rank, not too shabby for a WV hillbilly
Free OpenDocument reader/writer/converter download:
http://www.openoffice.org
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
Reply to: