<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Yes, I have actually received responses. Not from China or Korea
though, only from the US. I will correct myself. I said I contact the
ISPs. What I actually end up doing is contacting the company unless I
cannot associate the address to a company, in which I contact the ISP.<br>
<br>
Like I said though, once I have seen attempts from a range of ip
addresses owned by the same company or ISP three or more times, I block
the entire range. This prevents any more attempts.<br>
<pre class="moz-signature" cols="72">Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking
<a class="moz-txt-link-abbreviated" href="mailto:halln@otc.edu">halln@otc.edu</a>
417-447-7535
</pre>
<br>
<br>
Eucke Warren wrote:
<blockquote cite="mid015101c4dcb2$a6848a90$3f01a8c0@Eucke" type="cite">
<blockquote type="cite">
<pre wrap="">----- Original Message -----
From: Nathaniel Hall
To: For users of Fedora Core releases
Sent: Tuesday, December 07, 2004 2:52 PM
Subject: Re: Login attacks
I see attempts about every other day. Because of this, I send e-mails to
</pre>
</blockquote>
<pre wrap=""><!---->ISPs about every other day.
Ok, this brings up a question I have. I, too, have emailed the responsible
parties for the offending addresses. Korea and China usually are the
countries from which the IP addresses are allocated. Has ANYONE ever
received a reply back? I never have. I am beginning to suspect that the
attacks are done with the tacit approval of those networks.
</pre>
</blockquote>
</body>
</html>