I find it kind of odd that noone has come up with a 'RBL' for bots...
ISPs could easily receive routes via BGP from "some trusted source" that
has NULL routes for all of the 'infected' hosts which are attacking
people..
A few dozen honeypots and you would quickly have a large list of
infected hosts in which to ignore entirely.
-Drew
-----Original Message-----
From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
Behalf Of chrism@xxxxxxxxx
Sent: Thursday, February 15, 2007 11:10 AM
To: CentOS mailing list
Subject: Re: Defending againts simultanious attacks
John R Pierce wrote:
> chrism@xxxxxxxxx wrote:
>> That doesn't really have much affect anymore. The bad people are now
>> scanning high ports looking for any sshd (or other service) that's
>> listening.
>>
>
>
> they aren't "people", they are virus/worms... blindly poking at ports
> and trying the same lame list of passwords.
>
> you can't make them stop, unless you control the entire world... just
> ignore the noise.
I think everyone on the list is aware of the automated nature of the
attacks. And I *do* ignore the noise.
Cheers,
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
