Re: unsuccessful hacking attempt at my machine

From: Gandalf Parker (gandalf_at_most.of.my.favorite.sites)
Date: 01/26/05

• Next message: ynotssor: "Re: hidden files"
• Previous message: noemail_at_this.time: "Re: SSH newbie interested in security concerns"
• In reply to: Petr Pisar: "Re: unsuccessful hacking attempt at my machine"
• Next in thread: Barton L. Phillips: "Re: unsuccessful hacking attempt at my machine"
• Reply: Barton L. Phillips: "Re: unsuccessful hacking attempt at my machine"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 26 Jan 2005 17:19:38 GMT

Petr Pisar <xpisar@fi.muni.cz> wrote in news:IAx1BB.1q8@news.muni.cz:

> Gandalf Parker napsal(a):
>> You might also traceroute those IPs and send a copy of the log to the
>> ISP at the end of the traceroute. I tend to have about a 50%
>> effective response on such contacts.
> I do so, but anybody have never replied me. I think the abuse@
> addresses are redirected to /dev/null.

In some cases when Ive gotten nothing and REALLY wanted a reply, or I got
a rude response giving me the impression that I the system admin was also
the person attacking me, then I have sent the logs to the next ISP back
up channel. In a number of cases I was pleased to the the offending
system drop completely off of the net

On case in particular got me a response of "We cant pinpoint the
offender. We dont log because it takes too much machine." When the uphill
providor was contacted they gave that ISP an ultimatum of "you have 2
weeks to begin logging and resolve this or lose your connecitivty with
us". It is true that the Internet is becoming more and more ruled by
corporations, CEOs, printed policies, and disclaimers. But there are
still alot of places on the net where the power of ROOT is still judge
and jury.

Gandalf Parker

--
"The Internet is made up of a totally Democratic structure governing
hundreds of thousands of small dictatorships." - Gandalf Parker

---

• Next message: ynotssor: "Re: hidden files"
• Previous message: noemail_at_this.time: "Re: SSH newbie interested in security concerns"
• In reply to: Petr Pisar: "Re: unsuccessful hacking attempt at my machine"
• Next in thread: Barton L. Phillips: "Re: unsuccessful hacking attempt at my machine"
• Reply: Barton L. Phillips: "Re: unsuccessful hacking attempt at my machine"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: unsuccessful hacking attempt at my machine ... Gandalf Parker napsal: ... > You might also traceroute those IPs and send a copy of the log to the ISP ... (comp.os.linux.security) Re: With all this SPAM ... should not become frustrated if you find no response from ... regarding guaranteed filtering of content. ... Did you just ignore spammers on the system you ... An ISP certainly knows the source of posts or can be ... (rec.photo.darkroom) Re: Wish list ... that as a reason to /dev/null complaints about users. ... is an Asian ISP - Korea is particularly bad - even if someone reads the ... Sorry - the thing that triggered that response was the indication you ... un-needed ports open, and for those ports that are, having servers up to ... (comp.os.linux.security) Re: attachment and e-mail where to report these security issues? ... Attractive site and an encouraging response from the ISP. ... presently allows its account holders to opt in or out of scanning ... all incoming email for virus infection. ... (microsoft.public.security.virus) Re: Cant connect to Mailserver ... "What did you change therein?" ... Through a client app called DynDNS Updater I got through dyndns.org's ... dnsstuff.com and saw that it's an IP from the ISP (Wildblue - a satellite ... response ] ... (microsoft.public.windows.server.sbs)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2005-01