Forgot your password?
typodupeerror

+ - Ask slashdot: what to do when spotting a network intruder IP address? 1

Submitted by phr4nck
phr4nck (2743915) writes "I am in charge of a small website security. Everyday the FW logs show the IP address of people trying to get access to the system. This morning, I routinely was checking the file and a class A IP address trying to get root access held me up. It was coming from a big well known college on the US east coast. I contacted the IT security person and his first answer was:
"What are the timestamps on your logs? We located the machine a few hours ago and it should no longer be on our network."
I replied in sending a time stamped log file for which I received this answer:
"This host has been taken offline.
Thanks for reporting it."
It is not the first time I am reporting abusing access to my network and I have no idea if things are then taken seriously. What really to do? What would you do?
By the way the host is really currently offline."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Ask slashdot: what to do when spotting a network intruder IP address?

Comments Filter:

As in certain cults it is possible to kill a process if you know its true name. -- Ken Thompson and Dennis M. Ritchie

Working...