[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mail relay attempts

>   Simple. Random IP-address block scans. Having the box live on the 'net
> alone guarantees that it will get some random hits. Prepare to see lot more
> of them from here-on.
>   Script-kiddies, trying to find suitable hosts for their mass exploitation
> tools. Worms, eagerly propagating on their own means; And spammers
> (spammerbots?) trying to find open relays they could abuse.
>   The only thing you can do is to make damn certain your box does not become
> part of the problem.

I know. It is crazzy. I actually would like to see some sort of a better
defence than just standing there uselessly. I mean, in real life if 
a country (community etc..) gets attacked by another, there is 
usually a "war" and someone is tought a lesson. But here, all we
do is sit arround do nothing.

I usually get about 20 probes per day for ssh or relay. And for other
ports, well, 

1808  234K DROP       all  --  *      *  

over 10 day period. I realize, that's nothing if you are an ISP.
LOL, imagine what microsoft.com has to be getting!!!

- Adam

Reply to: