Date: Thu, 19 Feb 2009 12:00:45 -0600 From: Andrew Gould <andrewlylegould@gmail.com> To: FreeBSD Questions Mailing List <freebsd-questions@freebsd.org> Subject: off topic: reporting attempts to access computers Message-ID: <d356c5630902191000n16c3d3a0md98c4246a5ff2c79@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
What information should I send to an abuse@* address when reporting a break-in attempt? My logs show a dictionary attack of invalid user names against port 22. I obtained an abuse@* email address using 'whois' and reported the beginning and ending date/times and the originating IP address. Is there any other information I need to send? Is there someone else I should notify? Most of the attacks I receive are from other continents, so I just block the network range found via 'whois'. In this case, the IP address is fairly local, so I'm hesitant to block the entire range. Thanks, Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d356c5630902191000n16c3d3a0md98c4246a5ff2c79>