On Wed, 3 May 2006, Robert Huff wrote:



        As a result of installing new bits on my system, and paying
attention to old ones, I've noticed several attempted break-ins
which I currently believe have been unsucessful.
        As I have the appropriate log files, I'd like to contact the
administrators and ISPs for the systems involved.  Can someone
recommend a good response boilerplate - something that's concise,
informative, professional, friendly, and yet firm?

I've been pretty religious about "responsible reporting" for about 6 months now, reporting all ssh (and recently FTP) attacks to the originating ISP.

If I may, allow me to infer from your desire to be "firm" that you would like to cause the behaviour stop, and to give you a piece of advice. I believe that you will be very unhappy if you are reporting for that reason. The attacks, probes, tests, attempts - all of them - aren't going to stop, except by filtering those packets out through one mechanism (a firewall) or another (disconnecting your 'net connection). You will end up bailing water with a teaspoon.


/-------------------------------------------------------------------------/
    He's the kind of guy, that, well, if you were ever in a jam he'd be
     there ... with two slices of bread and some chunky peanut butter.

                   finger://[EMAIL PROTECTED]
                  http://www.ephemeron.org/~bigby/
                  irc://irc.ephemeron.org/#the_pub
                news://news.ephemeron.org/alt.lemurs
/-------------------------------------------------------------------------/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to