Hello all, I am not sure how much of this we want to discuss on a public
mailing list where hackers are certainly listening in. I am getting a FLOOD
of access attempts at a customer site where the was a Warez FTP server. I
have placed a firewall in the way, changed internal addresses to private
and basically shut things down. There was a concerted attempt to break
things for a while but now the professionals have gone on to some other
easier target (got knows there are tons). My problem is that I am still
getting hundreds of attempts by DAMN script kiddies. We are spending hours
each day tracing them and advising ISPs of these attempts but I am looking
for policies and scripts to do these traces easyer. Please respond offline
with policies (which attempts do you report and follow up on) and online
with methods of speeding up this process. I am currently using a trace
utility from www.pc-help.org.
Gary B
PGP signature
