My logs show a dictionary attack of invalid user names against port 22.  I
obtained an ab...@* email address using 'whois' and reported the beginning
and ending date/times and the originating IP address.

Is there any other information I need to send?

i don't think so.
anyway - if all password are well made still there is no problem.

 Is there someone else I
should notify?

i don't think so.

Most of the attacks I receive are from other continents, so I just block the
network range found via 'whois'.

it's good solution, mostly because those in ab...@* often simply ignore such mails.
_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to