On Wed, 3 May 2006, Robert Huff wrote:

        As a result of installing new bits on my system, and paying
attention to old ones, I've noticed several attempted break-ins
which I currently believe have been unsucessful.
        As I have the appropriate log files, I'd like to contact the
administrators and ISPs for the systems involved.  Can someone
recommend a good response boilerplate - something that's concise,
informative, professional, friendly, and yet firm?

I've been pretty religious about "responsible reporting" for about 6 months now, reporting all ssh (and recently FTP) attacks to the originating ISP.

If I may, allow me to infer from your desire to be "firm" that you would like to cause the behaviour stop, and to give you a piece of advice. I believe that you will be very unhappy if you are reporting for that reason. The attacks, probes, tests, attempts - all of them - aren't going to stop, except by filtering those packets out through one mechanism (a firewall) or another (disconnecting your 'net connection). You will end up bailing water with a teaspoon.

    He's the kind of guy, that, well, if you were ever in a jam he'd be
     there ... with two slices of bread and some chunky peanut butter.

                   finger://[EMAIL PROTECTED]
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to