<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.6000.16809" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>If life were only that simple. A lot of
hacking passes through unsuspecting intermediary computers, precisely to hide
their tracks, not to mention IP spoofing. People have offered for sale
access to 10,000 computers to use for propagating mischief. That's a lot
of IPs to block!</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I got hacked about six months ago. They came
in through SSH and figured out roots password, which was a concatenation of two
English words. I presume they did a dictionary search. Then they
changed the password, replaced some key files and launched a denial of service
attack against somebody (including compiling the program on my
machine)!</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I traced the IP address to a Comcast customer in
Indiana or something and notified Comcast, but haven't heard anything.
Probably their customer never even knew it happened--it was probably a hijacked
situation.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Prior to that I had been logging hundreds of
robotic attacks a day that were unsuccessful!</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I re-installed everything and changed my SSH to a
non-standard port and used a more robust password. I haven't had a single
hack attempt the four months since. For my purposes, I don't really need
SSH on a standard port. That made all the difference in the
world.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Two areas that have had large hacker presences in
the past: Russia and China. A lot of E-Mail spam originates in those
two areas, also. I've considered blocking the entire host domain for any
provider generating spam from those regions, as I have no legitimate business
need to correspond with people in those regions in general. However, I
suspect it might block messages from a few users on this list, and I know it
would block at least one user from another list I am on.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Wilton</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>