[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] consistently pounded
- Subject: Re: [cobalt-security] consistently pounded
- From: Theodore Jones <theoj@xxxxxxxxxxxxx>
- Date: Tue, 23 May 2000 17:15:05 -0700
Brent,
Very sound advice. I'm new to this game, but quick to learn. Amazing how
many cowards come out of the woodwork when they can't be directly seen...
~ Theo
Brent Sims wrote:
> On Tue, 23 May 2000, Theodore Jones so wrote:
>
> } Can anyone offer suggestions on scripts/software/anything I can do to
> } cut down on this waste?
>
> Block them at the perimeter router. If you don't control the
> router or your provider won't do this for you - find another
> provider. In the mean time you have three other easy to implement
> options.
>
> 1) Check out the 'allow from' and 'deny from' options in
> your httpd.conf file. You'll need to carefully read the comments
> you'll find there as these are a bit tricky - easy to deal with you
> just have to follow the instructions in order to make them work
> correctly.
>
> 2) You can install tcp wrappers (you really ought to have
> 'em running anyway), configure them to monitor the httpd port and
> add the bums to your hosts.deny file.
>
> 3) Publically humiliate the bums. These activities are
> illegal and, IMHO, should be pursued as such. Check out cert.org for
> details on how to proceed. Our policy in these matters is quite
> simple: pursue every available legal avenue to try and insure the
> bums will think twice before trying something like this again.
>
> I'd also recommend that you keep track of your time. Our last
> hack attempt came from a "security consulting firm" which we'll soon
> be seeking a judgment against for the $900.00 of my time it took to
> keep the bums at bay. Trust me, you might not be able to collect but
> you can most certainly screw up their credit record.
>
> Peace be with you,
>
> Brent
>
> Brent Sims
> WebOkay Internet Services
> http://www.WebOkay.net
> Brent@xxxxxxxxxxx
> (719) 595-1427 (Voice/Fax)
>
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security