Unless I'm mistaken, what you are suggesting to do is illegal in most barrios, but if you snoop around in the right places i'm sure you can find someone to play enabler to your skr1p7 k1dd33 lusts. don't expect anyone on this list to give you some magic script that thwarts the bad guys. just firewall that crap off and ignore it.
but since they are sending out stuff... Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on (65.192.141.115): (The 1591 ports scanned but not shown below are in state: closed) Port State Service 135/tcp filtered loc-srv 136/tcp filtered profile 137/tcp filtered netbios-ssn 138/tcp filtered netbios-ssn 139/tcp filtered netbios-ssn 445/tcp open microsoft-ds 1025/tcp open NFS-or-IIS 5000/tcp open UPnP 6346/tcp filtered gnutella 6699/tcp filtered napster No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/ fingerprint: run completed -- 1 IP address (1 host up) scanned in 46 seconds On Fri, 2002-09-20 at 23:43, Ibly Piblo wrote: > How do you block Nimda attacks from your logs? > > Really, now, there must be a way, > I have tried script after script, > I am still getting attacked by this IP: > > 65.192.141.115 > > Who are these criminals? > > They have no right attacking me like this! > > I can't whois them or traceroute, or samspade them, > it is not fair. > > I guess you just can't run a web server anymore. > > Is there one good reason why I should not > give up? > > I don't understand "honeyport", it is too hard. > > Isnt there something easier, a script I can > just download and install? > > Surely, by now, someone has invented a more > effective method, surely, I mean, are all the world's > webmasters just going to sit down, and take it > in the back? > > Is there a kind soul out there who would like to > offer a script to this list that would retaliate > by remotely shutting down the attacking server? > > This has got to stop, I have sat by for too long, > and I don't intend to take this attacking any longer. > > I wish to thank all those who offered me the > web pages of honeyport, thank you so much, > but I'm looking for something that is more > assertive, something that will *do* something, > not just e mail the admin only to be ignored, > I'm not playing Mr. Nice any more. -- jason gmaestro.org
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com