I recorded an attack a little while ago. I tracked down the originator of
the attack (or rather, the org responsible for providing the access to the
attacker), copied the relevant log entries and emailed that to 'root@',
'postmaster@' and 'abuse@' (where the org in question follows the @). One
or all of these is bound to get through to someone who cares. In this case,
I received a nice email back thanking me for the info and indicating that
the person's access had been terminated.
You could also report it to the RCMP (or whichever federal authority is
responsible for investigating computer crime in your particular slice of
the planetary pie), but I've found that most IAPers are quite reasonable
when presented with the facts, and will adequately deal with the situation
themselves.
Jon
At 02:54 PM 11/15/99 +0100, you wrote:
>I was wondering if any proactive measures exist against attacks on a
>firewall. What could I do if I knew my firewall was attacked from a
>particular site ?
-----------------------------------------------------------------
Jon Earle (613) 751-4948 (Pager)
HUB Computer Consulting Inc. (613) 830-1499 (Office)
http://www.hubcc.ca 1-888-353-7272 (Within Canada/US)
"God does not subtract from one's alloted time on Earth,
those hours spent flying." --Unknown
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
