Re: Mail relay attempts
> Simple. Random IP-address block scans. Having the box live on the 'net
> alone guarantees that it will get some random hits. Prepare to see lot more
> of them from here-on.
>
> Script-kiddies, trying to find suitable hosts for their mass exploitation
> tools. Worms, eagerly propagating on their own means; And spammers
> (spammerbots?) trying to find open relays they could abuse.
>
> The only thing you can do is to make damn certain your box does not become
> part of the problem.
I know. It is crazzy. I actually would like to see some sort of a better
defence than just standing there uselessly. I mean, in real life if
a country (community etc..) gets attacked by another, there is
usually a "war" and someone is tought a lesson. But here, all we
do is sit arround do nothing.
I usually get about 20 probes per day for ssh or relay. And for other
ports, well,
1808 234K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
over 10 day period. I realize, that's nothing if you are an ISP.
LOL, imagine what microsoft.com has to be getting!!!
- Adam
Reply to: