Re: ssh-rbl's Re: intrusion via ssh
On Fri, 1 Apr 2005, Michelle Konzack wrote:
> It was realy successfuly to do a 'cd / ; rm -rf' and something
> under Windows similar... But under Windows it is better to
> destroy the FATs, kill the beginning and the end of the partitions
> and the Partitiontable plus its backups...
not a good thing to rm their box, but after 3 warnings,
i'd say it's fair game to play their game
- we'll erase your posts from the archives :-)
----
for us, most of the script kiddies come from the former east block
and south america and china and korea... ( ie .. places where they don't
speak english as primary language, making it easier for the script
kiddies to get into their boxes and than attack from it
----
we go after script kiddies or attackers if they do get in and spend
the time and log everything as needed to collect $$$ from um
if they try or attempt and go away, we have other things to do
than to chase their butt from machine to machine across the ponds
between land masses
----
i still think an rbl-like db for "script kiddie" ip# is a good thing
to have esp if it's tcpwrapper based since it can already does the
checking for us .. vs modifying the apps itself ( too many of um )
c ya
alvin
Reply to: