>Joe A. It would be nice to see or hear of Dial-Up and Broadband ISP's cancelling accounts that are being used to run probes and hacking attempts. While a lot of attacks are launched from comprimised servers a ton are coming from dial-up and cable modem accounts. Between portsentry and BlackIce on my pc's I'm intercepting an average of TWELVE attacks daily.
I've heard back from an ISP that cancelled a user for poking at my machine. I'm pleased there's at least *one* idiot out there that was yanked off the net.
The vast majority of scans/attempts I get originate from China or other Asian countries. Quite often they're compromised Red Hat boxes. If it's in the US, you can write/call the ISP and they might get something done, but when it's a box in China, I don't know what you *can* do. :(
Here's a list of Denied IP's from just one machine. ALL : 216.13.170.3 ALL : 209.221.133.140
I wish mine was that short... =/ -- -Jonathan Nichols System Administrator http://www.sitesthatsell.com jnichols@xxxxxxxxxxxxxxxxx