You should lock out their IP address at your firewall. Also do a
reverse DNS lookup to see who the ISP is. Report the hacking to them.
They may shut down the account. And no you cannot shut down a remote
port. You exit program is already shutting down their connection
attempts. That is great and the most you can really do from the
Director of Information Services
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rich Loeber
Sent: Monday, May 16, 2011 12:46 PM
To: Midrange Systems Technical Discussion
Subject: Telnet Hacker
I have a hacker who has been trying once per second for the last
hours to establish a Telnet connection with my IBM i server. They are
cycling through port numbers one at a time. Our exit point software is
preventing them from connecting because they are not coming from an
authorized IP address, but I'd like to shut them down earlier in the
process. Is there an easy way to just turn certain port numbers OFF?
I'm running V5R4 on the server. I looked at port restrictions, but it
seems like this is based on user profile for this version of the OS.
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives