Off topic: Hacker

[Thomas Cameron]

> Hi there,
>
> I know this is not the correct forum to ask this question, but I have to
> start somewhere.......
>
> I have a friend with a linux firewall box.
> There appears to be a very simple minded hacker trying to do simple ssh
> password attacks on this box.
>
> I have been using whois and reporting this to each ISP he/she is coming
> from
> but he/she just breaks into a different machine on an new ISP and tries
> again.
>
> Is there something more I can do to track this person down?
> Thanks.


As others have said, it's more than likely script kiddy on a compromised
machine.  A recent thread on the Fedora-test list had a really cool set of
firewall rules to fight this.  Check out

https://www.redhat.com/archives/fedora-test-list/2005-August/msg00082.html

for the rule.

Thomas