Just ping 'em

I'll have a more sophisticated, possibly more effective response to
suggest, and will do that as and when I can. I don't like the crap that
continuously comes in. People tell me I should just lay back and take it.
Thank you, but, NO, you can be a victim if you want, but I do not want to
be a victim. You can be a wus if you want, - your choice.

Suggest mwcollect (http://www.mwcollect.org/), which I will implement when
I have a new server (after some other priorities).

For now, when I get a new intrusion attempt (from a zombie computer, no
doubt) just ping them back, continuously.

Dec 22 05:22:23 localhost kernel: IN=ppp0 OUT= MAC= SRC=211.233.66.23
DST=65.99.187.1 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP
SPT=6000 DPT=8080 WINDOW=16384 RES=0x00 SYN URGP=0

unintended, unappreciated, unallowed, untollerated.

$ ping 211.233.66.23

(running now)

Come back in the morning. :)

You all who now know my IP address can now attack me all night while I
sleep. If 100 others were as confident of their security as I am, and
would just "PING 'EM" overnight, someone might notice the bandwidth, and
make an "adjustment".

All good wishes to all good people. The bots can go to hell. Thank you.

On Thu, 22 Dec 2005 05:46:05 -0500, Newsbox wrote:

> I'll have a more sophisticated, possibly more effective response to
> suggest, and will do that as and when I can. I don't like the crap that
> continuously comes in. People tell me I should just lay back and take
> it.
> Thank you, but, NO, you can be a victim if you want, but I do not want
> to
> be a victim. You can be a wus if you want, - your choice.
>
> Suggest mwcollect (http://www.mwcollect.org/), which I will implement
> when I have a new server (after some other priorities).
>
> For now, when I get a new intrusion attempt (from a zombie computer, no
> doubt) just ping them back, continuously.
>
> Dec 22 05:22:23 localhost kernel: IN=ppp0 OUT= MAC= SRC=211.233.66.23
> DST=65.99.187.1 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP
> SPT=6000 DPT=8080 WINDOW=16384 RES=0x00 SYN URGP=0
>
> unintended, unappreciated, unallowed, untollerated.
>
> $ ping 211.233.66.23
>
> (running now)
>
> Come back in the morning. :)
>
> You all who now know my IP address can now attack me all night while I
> sleep. If 100 others were as confident of their security as I am, and
> would just "PING 'EM" overnight, someone might notice the bandwidth,
> and make an "adjustment".
>
> All good wishes to all good people. The bots can go to hell. Thank
> you.

oh yes, don't omit

46.234.126.209.in-addr.arpa domain name pointer
admin.ststephens-texas.com.

ping admin.ststephens-texas.com

With 99 friend this could get some attention.

with 99 foes, well let me know and we'll see.

Dec 22 05:41:28 localhost kernel: IN=ppp0 OUT= MAC= SRC=209.126.234.46
DST=65.99.187.1 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=17062 DF PROTO=TCP
SPT=2636 DPT=22 WINDOW=32120 RES=0x00 SYN URGP=0

46.234.126.209.in-addr.arpa domain name pointer admin.ststephens-texas.com.

Be happy.

Actually, you are so very right. We should all be wusses just like you
and never get our heads above the radar. What with the (delete
political/social/ethical issues of current)...

This isn't a security issue. Y'all go back to sleep. "Patriot" is not a
technical issue.

Apologies and best wishes to all.