If there's no legitimate reason for uses in these domains to be accessing FTP on your RAQs, why not just create an IPChains rule to block FTP requests from these address blocks? That way, valid users from these ISPs can still email and pull http content from your box, without having other security concerns open.
>Then I would suggest you contact them and demand they do something >about their security. Most of my site traffic comes from the US, but >most of the hacking attempts come from Germany, France and China. >While I have had some problems for US ISPs, they are usually >responsive and the problem is resolved. It is not the same with >t-dialin.net or wanadoo.fr. So if blocking access to the entire >country is what it takes to reduce the potential threat, then I am >afraid that is what must be done. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
