Re[2]: IP spoofing -- assessment

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Gene Spafford: "Re: Intro"
• Previous message: Paul Ferguson: "Re: IP spoofing -- assessment"

Haven't seem IP spoofing (yet).

>things like number of attacks, number of successes, and number of
compromises

  Lost count of number of attacks,  no known successes, no known
compromises.

>(along with things like the top ten attacks you've seen)

(1)  Usually several send-mail attacks a day.  One recent weekend had
eleven in a 8 hour period.

(2)  Unable to identify precise nature of attack against high numbered
ports, but happens so fast it must be a scripted attack.  Usually once or
twice a day.  Often from known critter breeding grounds.

(3)  Approximately 1 attack per week over dial up lines.  These critters
often try to get in using system administrators names, even though we have
never made the sys admin's names known to anyone and they don't use
dial-up.  The critters clearly did their homework.

I am not a system administrator.  Just a simple farm boy out of his depth.

I like the idea of an e-mail server to deal with the attack topic.  Am
certain I would learn something from it.


                                              Hog Farmer

• Next message: Gene Spafford: "Re: Intro"
• Previous message: Paul Ferguson: "Re: IP spoofing -- assessment"