Scrambled Brains

[Bruce]

As I have referred to in other messages, we have this person/people
hammering our site on port 137 - every day and every IP address.

Now the nmbd netbios name server is currently not in use and I have been
thinking about enabling it with some very false information primarily to
scramble this idiots brain.

Is this ethical and are there any suggestions?

These are following SINGLE IP ADDRESS logs (I've cut all the others out)

May 15 03:12:40 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
206.133.213.138:137 203.44.126.33:137 L=78 S=0x00 I=63233 F=0x0000 T=110
(#29)
May 15 03:12:41 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
206.133.213.138:137 203.44.126.33:137 L=78 S=0x00 I=63745 F=0x0000 T=110
(#29)
May 15 03:12:43 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
206.133.213.138:137 203.44.126.33:137 L=78 S=0x00 I=64257 F=0x0000 T=110
(#29)

May 16 11:48:43 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
199.199.165.245:137 203.44.126.33:137 L=78 S=0x00 I=41130 F=0x0000 T=108
(#29)
May 16 11:48:44 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
199.199.165.245:137 203.44.126.33:137 L=78 S=0x00 I=41386 F=0x0000 T=108
(#29)
May 16 11:48:46 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
199.199.165.245:137 203.44.126.33:137 L=78 S=0x00 I=41642 F=0x0000 T=108
(#29)

May 16 14:15:49 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
204.210.19.170:137 203.44.126.33:137 L=78 S=0x00 I=15372 F=0x0000 T=111
(#29)
May 16 14:15:51 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
204.210.19.170:137 203.44.126.33:137 L=78 S=0x00 I=15628 F=0x0000 T=111
(#29)
May 16 14:15:52 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
204.210.19.170:137 203.44.126.33:137 L=78 S=0x00 I=19724 F=0x0000 T=111
(#29)

May 18 05:31:38 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
10.10.10.10:137 203.44.126.33:137 L=78 S=0x00 I=62469 F=0x0000 T=109 (#29)
May 18 05:31:38 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
199.0.1.100:137 203.44.126.33:137 L=78 S=0x00 I=62725 F=0x0000 T=109 (#29)
May 18 05:31:38 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
208.61.106.233:137 203.44.126.33:137 L=78 S=0x00 I=62981 F=0x0000 T=109
(#29)
May 18 05:31:39 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
208.61.106.233:137 203.44.126.33:137 L=78 S=0x00 I=63493 F=0x0000 T=109
(#29)
May 18 05:31:39 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
199.0.1.100:137 203.44.126.33:137 L=78 S=0x00 I=63749 F=0x0000 T=109 (#29)
May 18 05:31:41 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
10.10.10.10:137 203.44.126.33:137 L=78 S=0x00 I=65285 F=0x0000 T=109 (#29)
May 18 05:31:41 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
199.0.1.100:137 203.44.126.33:137 L=78 S=0x00 I=64773 F=0x0000 T=109 (#29)
May 18 05:31:41 ns kernel: Packet log: inppp0 DENY ppp0 PROTO=17
208.61.106.233:137 203.44.126.33:137 L=78 S=0x00 I=65029 F=0x0000 T=109
(#29)

...

Well you get the idea. I mean to say an IP address 10.10.10.10 - give me a
break!!!

Regards,
Bruce.


-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]