On Sun, 12 Aug 2001, Devon wrote:
> On Sunday 12 August 2001 05:47 pm, Andrew Smith wrote:
> > If you really think that emailing the people who can do something
> > about it is a waste of time then try what I said to start with -
> > the idiots running the MicroShaft machines obviously don't have a
> > clue so emailing them probably wouldn't do much good
> > (I rang my ISP and they asked me to email the list of IP's
> > attacking me from their subnet!)
>
> Have a look here as well.
> http://www.securityfocus.com/archive/1/201907
> >From the looks of it, if you provide the date, time, and IP of the
> attacking machines, security focus will attempt to contact the relevant
> parties. Since most of the attacks I've seen have been from within my
> own ISP's address space, I'd prefer they got mad at security focus
> rather than me for mailbombing them. ;)
<snip>
I believe you're in the 24.x subnet, as are most cable modem customers? I
have checked by logs also, and it appears all of my hits are coming from
same. I changed apache config a week or two ago to do NS lookups, so I
have mostly @home or RoadRunner subs by the looks of it.
I think perhaps Excite@Home is blocking incoming port 80 hits from the
internet through their routers? I have 275 hits since 4am today (18
hours) and only three are outside of 24.x This could be checked of
course, if one had the means to do so. Someone from Europe could try
hitting my humble test webserver at http://endless.eu.org
Just a theory.
--
[ Ryan Camick Cambridge, Ontario, Canada ]
[ Powered by Red Hat Linux 7.1 / Kernel 2.4.7 ]
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
