[CLUE-Talk] Preventing Hack Attempts before they Happen
Jim Intriglia
jimintriglia at hotmail.com
Sat May 12 22:21:51 MDT 2001
Greetings All,
After signing in this morning as /root, I noticed I had mail from Portsentry
subj.: Active Attack Alert! PortSentry dispatched the cracker via
hosts.deny entry... cool.
A question..
Would it make sense if all Clubies submitted their PostSentry (or other
security log info) that lists the IP address of crackers? My thinking is
that this list of known cracker IP's can be imported into PortSenty and
host.deny files, to avert an attack before it happens.
It would also be interesting to see where the majority of the attacks are
coming from (via IP lookup, sam spade tools for the clever ones). As the
list grows more comprehensive (from CLUEbis submissions), this might be a
useful tool to keep members safe from crackers using known IP address to
launch scans/attacks.
Sound like a worthwhile endeavor? Anything like this available presently?
JimI.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
More information about the clue-talk
mailing list