× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I checked out
http://www.fbi.gov/
But they currently do not accept email, nor do they have an online method
of reporting a problem.  I guess I have so much other stuff to do that
reporting every probe would be a hassle.

Rob Berendt

==================
A smart person learns from their mistakes,
but a wise person learns from OTHER peoples mistakes.



                    "Jim Franz"
                    <franz400@triad.rr.       To:     <midrange-l@midrange.com>
                    com>                      cc:
                    Sent by:                  Subject:     Re: Reporting hacking
                    midrange-l-admin@mi
                    drange.com


                    08/27/2001 07:27 PM
                    Please respond to
                    midrange-l






> Is there a channel to report hacking?
>
if it is a random attack, block the ip address at the router or firewall,
and step up monitoring.
Watch your other network devices, router, firewall, NT's etc.
They may be your weakest link (say it ain't so!) then it may be easy to
plant
a sniffer on an NT and wait for your 400 traffic to float by.
If you are being persistently targeted by the same address, contact the
FBI.
I think they are interested in certain foreign groups.
FBI is in most phone books.
jim franz


> My boss is enamored with Op's Nav performance monitoring.  He happened to
> notice that the FTP jobs on our web server 400 were eating up some CPU
> percentage.  Not much, but some.  We were getting ready to do a ftp site
> but not prime time yet.  We fired up our Pentasafe reports and determined
> that a certain IP address was trying to probe us for ftp.  Pentasafe was
> slamming the door on them.  We decided to try to access that ip address
> from one of our browsers and got a Romanian pharmaceutical company.
> (Although I am not too good on my Cyrillic alphabet).
>
> Since our ftp is not prime time yet, we changed our firewall to block all
> external ftp for now.  Basically as a defense in depth, and to take a
load
> off of the 400.  We thought about just blocking this IP address:
> 212.93.151.182
>
> Rob Berendt
>
> ==================
> A smart person learns from their mistakes,
> but a wise person learns from OTHER peoples mistakes.
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> or email: MIDRANGE-L-request@midrange.com
>

_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com







As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.