On Thursday 18 April 2002 08:05 am, Wesley Allen wrote:
OK, Looking at my log file from my firewall reveals that not I've got people trying to through my firewall from...
66.189.81.226 (and 246) (http connect attempts) 62.163.126.100 (same domain as yesterday)
How do I track them back to the ISP's and send a message to their abuse@ address?
Someone's trying to ping me from 66.189.24.226 as well.
Am I being paranoid or could my isp be trying to crack my firewall to see if I've got any servers running?
Time to batten down the hatches...
Wes
Hi Wes, Thye're out there! I had the same problem when I setup an http site to debug an app I was working on. I kinda forgot about it and kept getting virus droppings in my scripts directory. Eventually I figured out what was going on and tightened the security on the site so I was the only one whjo had write access and that stopped it. I think there are folks who have nothing better to do than to write webbots to look for things inside their ISPs domain. As long as you have adequate protection against write access, you're probably OK. Some of the accesses were from machines operated by my ISP. I don't know what they were for :-} --Skip