Slashdot Mirror


Dealing with Intruders?

drakyri asks: "I've been running a server for a small company for a few months. Recently, the number of attempted intrusions has jumped from about one every week to several per day - and these are only the really obvious attempts, like idiots who try to log in as root from the outside. The problem is that I'm not sure what to do about this. I've got their IP addresses and can usually tracert their ISP's - is there an accepted type of letter to send them without seeming like one of the corporate cease-and-desist gnomes?"

8 of 656 comments (clear)

  1. I tried to log in as root.. by Anonymous Coward · · Score: 5, Funny

    on my University's network more than once. I ran Linux and I got into the habit of logging in as root, and sometimes I'd try to log in without thinking just after starting a telnet session. I didn't receive any notice from the U, but in this post-9/11 hellmouth, I'm sure I'd have been reported to the FBI as a potential terrorist.

    1. Re:I tried to log in as root.. by Lord+Kano · · Score: 5, Funny

      Only if you are of arabic race or have an arabic name.

      Arabic isn't a race. Arabs, technically, are caucasians. They're just curly haired, tanned white people. Not entirely unlike Italians.

      LK

      --
      "Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
  2. Not a cease-n-desist gnome... by AngstAndGuitar · · Score: 5, Funny

    You might consider sending a handwiten letter and use your own name, that would seem a bit more human. Also, most large companies will send polite-but-firm letters, so just threaten bodily harm to them and their pets, that should sound pretty un-corporate. I suppose only the first sugesstion is really a good one, but I like the second one more, so I'm not going to remove it from my comment.

    --
    Less look fast, more go fast.
  3. Do what Mr Burns does... by Anonymous Coward · · Score: 5, Funny

    Nothing beats the personal touch of hired goons...

  4. Call their parents by Monkelectric · · Score: 5, Funny

    True story: About 8 years some friends and I were getting o3ned DAILY by a hacker. One of these friends had a buddy in IBM's security division, who somehow got us a name and phone # of our hacker. We felt like asses when we found out we were getting beat down by a 15 years old. But we called his dad, explained what was going on, and that we knew where he lived. Problem SOLVED :)

    --

    Religion is a gateway psychosis. -- Dave Foley

  5. normal for this time of year by phek · · Score: 5, Funny

    It's really normal to notice a huge increase in attacks this time of year. With the passing of defcon and black hat this month, a lot of new security vunerabilities have been released, and all of the 'script kiddies' are eager to try them out. The best thing to do is make sure all your software is up to date, and get familiar with the new vunerabilities that are out so you can protect yourself.

    As far as reporting them, you could try all day and not be able to report all of them, and even if you did, they're most likely attacking from someone else's vunerable machine. The only thing you can really do is watch out for anyone who's aggressivly attacking you (i.e. one person who's running lots of attacks on you trying desperately to break into your machine at any cost), and report those ones, or if you can find a way to contact that person, tell them to stop before you report them to their isp and/or authorities, this will usually scare most people off.

    Once you do start paying some decent attention to security releases, a lot of these stupid things people try won't surprise you, like the ssh root attempt is because some tool came out recently that just scans netblocks for anyone running ssh and try's logging in as two different users with no password, root being one of them. If your not familiar with where to find security releases, here's some good places to start:

    packetstorm security
    Security Focus

  6. Re:Ignoring it == making the problem worse by Anonymous Coward · · Score: 5, Funny

    I swear, just like a women to take a technical problem and solving it by nagging someone's ear off

  7. Re:Ignoring it == raising criminals by Anonymous Coward · · Score: 5, Funny

    You fool! You had a strange woman just walk in and use your bathroom, and you let her get away? Arrrgg!