--- June Tate <
june@theonelab.com> wrote:
>
> <sarcasm>Oh, goodie.</sarcasm>
> So then it's essentially left up to me to deal with this guy. So should
> I be blacklisting any IP that attempts to break in? For the most part my
> security _seems_ to be okay -- the guy has been attempting to break in
> for over a week now, and he still hasn't gotten in, so his attacks are
> really becoming nothing more than a really pathetic DoS.
>
I seriously doubt this is the work of one person. There are lots of
highly coordinated scan which happen these days. I see it regularly in
our firewall logs at work. If the ip addresses were spoofed then a tcp
connection would not be possible, because the return packets would never
make it back to the person doing the connection attempts.
If you want to be extreme you could use blackholes.us or geoip to block
the entire ranges of selected countries. I don't think it worth that much
trouble, personally.
Anthony
__________________________________
Do you Yahoo!?
Yahoo! Mail - now with 250MB free storage. Learn more.
http://info.mail.yahoo.com/mail_250
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)