begin quoting James G. Sack (jim) as of Tue, Sep 05, 2006 at 12:11:57PM -0700: [snip] > A quick look revealed another at 61.135.145.207, also cn, it seems. > > Q: does it do any good to blacklist such obvious bot-attacks?
Have we complained / sent log excerpts to [EMAIL PROTECTED] and [EMAIL PROTECTED] ? Blacklisting obvious bot-attacks keeps the logs from getting cluttered up with noise, so yes, it would help. It would be better for the admins of those machines to kill the bots, of course. If the complaints are ignored, complain to the upstream providers, at least until widely-separated traceroutes indicate they're on the general network... and if the nearest common node blows us off, block that node. (Or redirect to a dead site indicating that <list> refused to do anything about someone attacking our systems, and if you're a customer of someone in the <list>, complain to them, not us.) -- _ |\_ \| -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-steer
