On Wed, 3 May 2006, Robert Huff wrote:
As a result of installing new bits on my system, and paying attention to old ones, I've noticed several attempted break-ins which I currently believe have been unsucessful. As I have the appropriate log files, I'd like to contact the administrators and ISPs for the systems involved. Can someone recommend a good response boilerplate - something that's concise, informative, professional, friendly, and yet firm?
I've been pretty religious about "responsible reporting" for about 6 months now, reporting all ssh (and recently FTP) attacks to the originating ISP.
If I may, allow me to infer from your desire to be "firm" that you would like to cause the behaviour stop, and to give you a piece of advice. I believe that you will be very unhappy if you are reporting for that reason. The attacks, probes, tests, attempts - all of them - aren't going to stop, except by filtering those packets out through one mechanism (a firewall) or another (disconnecting your 'net connection). You will end up bailing water with a teaspoon.
/-------------------------------------------------------------------------/ He's the kind of guy, that, well, if you were ever in a jam he'd be there ... with two slices of bread and some chunky peanut butter. finger://[EMAIL PROTECTED] http://www.ephemeron.org/~bigby/ irc://irc.ephemeron.org/#the_pub news://news.ephemeron.org/alt.lemurs /-------------------------------------------------------------------------/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"