Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

EarlyBird for Other Attacks?

From: gs-list <gs-list () glsrms com>
Date: Fri, 28 Jun 2002 14:26:30 -0500
Mr. Dyson's Early Bird tool has been a godsend to my web servers - Kudos to him for Early Bird!
Has anybody else developed countermeasure tools to combat the other vulnerability-seeking worms that are out there? For example, I have been seeing between 25 and 50 hits, per server, per day on port 1433. I'd like to start using some countermeasures against these attempts/attacks. Perhaps not malicious countermeasures, but one that would do an ARIN/RIPE WHOIS lookup, and notify the administrator of the IP Netblock of the attack.
Again, I reiterate the point -- Early Bird has been a godsend. I have received a range of responses to Early Bird notifications, including many thank-you messages from sysadmins. It would be nice to combat the other problematic stuff out there. 

Thanks,
Gregg Sperling
sysadmin glsrms.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: