Re: [CentOS] I've been hacked -- what should I do next?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Friday 01 December 2006 11:42, Aleksandar Milivojevic wrote:
> Quoting Alfred von Campe <alfred@xxxxxxx>:
> > Is there any sense in reporting this?  I have the IP addresses from
> > which they logged in.
>
> You could try, it won't hurt.  However, you run 99% probability  
> nothing will happen.  That IP address is probably just another  
> compromised system.  If it's a dial-up address, contact the ISP.  If  
> it actually belongs to some organization (for example university),  
> contact them.  In general, places like universities might even attempt  
> to do something with info you provided.  ISP's in general will do  
> little to nothing about it.

Having worked at an ISP, I would like to note they might be appreciative 
depending on the circumstances.  If the IP is obviously a DSL or dialup 
address (check the reverse DNS), they probably get deluged with so many that 
it's hard for them to actually take action on them (although many ISPs do 
try).  If the IP looks to be an actual server (whether it's the ISP's or a 
colocation client of theirs), they will most likely be appreciative of the 
notice.

-- 
- Kevan Benson
- A-1 Networks
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux