I find it kind of odd that noone has come up with a 'RBL' for bots... ISPs could easily receive routes via BGP from "some trusted source" that has NULL routes for all of the 'infected' hosts which are attacking people.. A few dozen honeypots and you would quickly have a large list of infected hosts in which to ignore entirely. -Drew -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of chrism at imntv.com Sent: Thursday, February 15, 2007 11:10 AM To: CentOS mailing list Subject: Re: [CentOS] Defending againts simultanious attacks John R Pierce wrote: > chrism at imntv.com wrote: >> That doesn't really have much affect anymore. The bad people are now >> scanning high ports looking for any sshd (or other service) that's >> listening. >> > > > they aren't "people", they are virus/worms... blindly poking at ports > and trying the same lame list of passwords. > > you can't make them stop, unless you control the entire world... just > ignore the noise. I think everyone on the list is aware of the automated nature of the attacks. And I *do* ignore the noise. Cheers, _______________________________________________ CentOS mailing list CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos