The times that I have detected attempted hacks, the source IP has always
been out of my area. I usually will email a "cease and desist" request
to the DNS Whois abuse address, and block that address from my firewall.
If I had a subscriber attempting to break in, I would probably email him
the logs and ask him what he is trying to do.
Theoretically, if someone attempted to hack into your network via your
router, say at least ten times, what would you do?
If you could identify this culprit via logs and IP addresses, where you had
them dead to rights, what would you do?
WISPA Wireless List: firstname.lastname@example.org