| Question 2
| Every body know about hackers doing party on internet servers they dont
| own,so,i have an idea and doesn't know if this it's possible.
| If we put a prog to check our systems ( servers ) like portsentry,iplogger
| or whatever and create a script or program to filter this logs,grab the
| attackers IP, and auto-generate ipchains rules against the intruder???
| I mean,to take over a server you need to scan it first,or do an search on
| open ports and then attack(DOS attacks and many others).For example,port
| scanners searchs are fast ( last than 1 sec for x ports ) but they come
from
| the same source,taking base on this "magic program or script" will lock up
| IPs that change from one port to another in x secs and then generate an
| ipchains whatever -j REJECT.
| This is just a idea,and example,this kind a prog cam be made or allready
| exist?
This already exists. Programs like portsentry do this - but you have to be
aware of DOS attacks while implementing this. IF your "hacker" comes from
a domain your customers are on and you start blocking access from that
domain
shit will hit the fan because all of a sudden all the customers can access
your site
anymore.
J.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
