> From: Andrew Gould andrewlylego...@gmail.com
> What information should I send to an ab...@* address when reporting a
> break-in attempt?
> My logs show a dictionary attack of invalid user names against port 22.  I
> obtained an ab...@* email address using 'whois' and reported the beginning
> and ending date/times and the originating IP address.
> Is there any other information I need to send?  Is there someone else I
> should notify?
> Most of the attacks I receive are from other continents, so I just block the
> network range found via 'whois'.  In this case, the IP address is fairly
> local, so I'm hesitant to block the entire range.

There are some applications that you might want to install that can help. 
Personally, I have found reporting the abuse virtually useless. I use to just 
include the entire log with the data that pertained to the user in question; 
however, that just proved a waste of time.

If you are using 'passwords' to access your account, you might want to consider 
using certificates instead. That is far safer than using a password that 
eventually can be cracked.

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to