Brute SSH attacks / Root Attacks

So after being on holidays and getting flooded with emails ffrom logcheck about having huge attempts of breakins by brute ssh attacks, (yes i have a program running that blocks an ip after 3 denied attempts), im corious to know how many people actually attempt to report these attacks to isps and how successfuly the reporting is?

3 Replies

See http://www.linode.com/forums/viewtopic.php?p=6935#6935

im sorry, that post was about how to stop/block the attacks. I already have a setup inplace that does that.

Im interested in weather people report these attacks to the offenders isps and weather there are actually any positive results back from the isps or if they just ignore you.

The effort involved in reporting this stuff is not justified by the results. For every one good ISP who tracks down a script kiddie and stops him, there are hundreds of ISPs who do nothing because it costs them money for no real gain (from their beancounter-driven point of view), and tens or hundreds of thousands of compromised PCs that the ISPs don't want to disable (because they lose revenue) and which aren't going to get fixed anytime soon (the non-tech users can't - the ISPs won't, unless someone pays them).

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct