Date: Mon, 03 Apr 2000 00:01:07 -0500 From: Mike Tancsa <mike@sentex.net> To: "Chutima S." <chutima_s@zdnetonebox.com>, freebsd-security@FreeBSD.ORG Subject: Re: How to deal with intruder? Message-ID: <4.2.2.20000402235801.033166c8@mail.sentex.net> In-Reply-To: <20000403035452.VVHA21091.mta01.onebox.com@onebox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:54 PM 4/2/2000 -0800, Chutima S. wrote: >Dear all, > >I'm a new internet admin. I found in security check output routine that >many people try to connect to my server: Yup. Unfortunately, this is normal. You will quite often see people scanning for holes and weaknesses. >That really scare me!!! I don't know how to deal with them. So I want >your advice for : >1. Should I try to contact anybody(admin at those server)? Yes. Do so when you can. >2. How can I trace them back to know are they? By the IP address in your logs. whois -a <ipaddress>. Often however, the accounts are dialup accounts, or machines that have been broken into. If you are new to network administration, see http://www.securityfocus.com and http://www.sans.org. They are two useful *starting* places. ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000402235801.033166c8>