[CentOS] Defending againts simultanious attacks
Drew Weaver
drew.weaver at thenap.com
Thu Feb 15 16:27:05 UTC 2007
I find it kind of odd that noone has come up with a 'RBL' for bots...
ISPs could easily receive routes via BGP from "some trusted source" that
has NULL routes for all of the 'infected' hosts which are attacking
people..
A few dozen honeypots and you would quickly have a large list of
infected hosts in which to ignore entirely.
-Drew
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of chrism at imntv.com
Sent: Thursday, February 15, 2007 11:10 AM
To: CentOS mailing list
Subject: Re: [CentOS] Defending againts simultanious attacks
John R Pierce wrote:
> chrism at imntv.com wrote:
>> That doesn't really have much affect anymore. The bad people are now
>> scanning high ports looking for any sshd (or other service) that's
>> listening.
>>
>
>
> they aren't "people", they are virus/worms... blindly poking at ports
> and trying the same lame list of passwords.
>
> you can't make them stop, unless you control the entire world... just
> ignore the noise.
I think everyone on the list is aware of the automated nature of the
attacks. And I *do* ignore the noise.
Cheers,
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list