Network attack - so what?


 
# 8  
Old 01-15-2010
It depends. Back in the days when I was dealing with hundreds of spammers and attackers as a security officer, I have even seen people end up in jail. But again, it will depend on the ISP / Enterprise, the local laws - California may be different than, let's say, Arizona, though they are neighbors, and especially the way you report the attacks / spam messages. Both Spamcop.net and Spamhaus.org do a pretty good job in providing cooperation to network / abuse admins through automated mail systems. There's a risk, however - some or all of the IP addresses may indeed be legitimate, but the attack itself deploys forged addresses injected directly into TCP packets.
Nevertheless, all spam messages fall under the CAN-SPAM Act of 2003.
As for the SSHD attacks, you may consider this general advice, deploy sshdfilter or implement SSHBL.
HTH.
# 9  
Old 01-19-2010
Quote:
Originally Posted by sysgate
It depends. Back in the days when I was dealing with hundreds of spammers and attackers as a security officer, I have even seen people end up in jail. But again, it will depend on the ISP / Enterprise, the local laws - California may be different than, let's say, Arizona, though they are neighbors, and especially the way you report the attacks / spam messages. Both Spamcop.net and Spamhaus.org do a pretty good job in providing cooperation to network / abuse admins through automated mail systems. There's a risk, however - some or all of the IP addresses may indeed be legitimate, but the attack itself deploys forged addresses injected directly into TCP packets.
Nevertheless, all spam messages fall under the CAN-SPAM Act of 2003.
As for the SSHD attacks, you may consider this general advice, deploy sshdfilter or implement SSHBL.
HTH.
Thank you!
# 10  
Old 04-30-2010
In my experience it is very rare that anything consequential can be done about such attacks. This is because:

a) Usually executed behind offshore proxies
b) lack of political will

(unfortunately)
# 11  
Old 05-14-2010
Well, if you see attacks originating from any machine, I'd block them.