Yeah.. What are they asking for them now?
Lee
> -----Original Message-----
> From: Jon Hall [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 30, 2001 12:41 PM
> To: CF-Talk
> Subject: Re: Got the fellow, but....
>
>
> This is why we keep BlackIce on all of our servers, and set
> it to accept
> everything. It will still give you a heads up on potential
> bad guys and
> allow you to block the ip address very quickly.
> With all of the recent worm stuff going around, we decided to
> invest in
> Cisco's IDS, and have it logging live to a SQL server
> database...very cool
> stuff. IDS actually inspects every packet going across the
> wire and flags
> suspicious traffic, which you can set custom actions to
> happen if a certain
> flag goes up, like blocking the ip at the router. It even
> detects Sircam...
>
> jon
>
> At 03:14 PM 7/30/2001, you wrote:
> >I'm doing a pretty intensive watch on my server stastics and
> log files
> >in real-time. sometimes I see people who try stupid stuff like:
> >
> >/winnt/system32/cmd.exe and trying to url hack (with ;drop tables) .
> >
> >my question is: when I'm seeing the guy's IP address in the
> stas server
> >or log files, and the guy is still causing problem (i,e - trying to
> >hack) what can I do to him? can I throw him, and only him away? will
> >adding him to the banned IP in IIS helps immediatly?
> >
> >any other alternatives?
> >
> >Michael.
> >
> >
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
