Re: [cobalt-users] Proactive action against hack attempts

["Gilles Dumangin" <gilles_dumangin@xxxxxxxxxxx>]

Craig

Could you or anyone else please expand a bit on what is portsentry and how 
to install it. I would like to understand and prevent problems

Thanks

Gilles


> From: "Craig Napier" <craignapier@xxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] Proactive action against hack attempts
> Date: Thu, 11 Jan 2001 14:03:34 -0500
>
> > I have been watching my log reports for the last week now, and have 
> > noticed
> > that 99% of the attack attempts on my system are from abroad. Are IPs
> > segregate by country or anything?
>
> I guess somewhat - I got so tired of seeing daily (hourly) probes from 
> North
> Korea that I've pretty much blocked the whole damn country <north and south
> since I have no clients from Korea>... For me, Korea was one of the worse
> abusers... Far more than any other location... I spent a good 1-3 hours
> looking up IP blocks that I gathered from repeated attacks and just
> black-holed 'em all in hosts.deny... Seems to have helped as the scans from
> Korea have almost stopped completly.
>
> I'd personally install portsentry <if you haven't already> at the *very*
> least... I'm working on IP chains for one of my boxes at the moment.. <bit
> of a trick> but at least install portsentry to monitor/block TCP
> probes/scans..
>
> Cheers!
> Craig Napier
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.