Intrution attempts

[grethor]

I have recorded someone trying to access my root account on my freebsd box over 200 times. Luckily i have a detailed ftpd log file and I'm wondering who I should report this to to make sure that the a**hole who is trying to access my root account gets some serious harassment from the FBI.

 

[SlimShady]

i dont think there is much you can do, as it seems incidents like this are a very grey area kind of thing... not exactly illegal, but more or less just frowned upon. if anything, just send a report to his ISP you are able to determine that. otherwise just keep him blocked and deal.

 

[Darthkim]

Plus you never know....

the intrusion attempts may come from a box that was rooted by someone else.....

 

[XOR != OR]

Plus you never know....

the intrusion attempts may come from a box that was rooted by someone else.....

That, in combination with no lost "value" ( not sure what the term is ), is why law enforcement won't take it seriously.

'tis the game we play. Block 'em and move on.

Further, why are you running plain ol' ftp? sftp is so much more secure.

 

[grethor]

Further, why are you running plain ol' ftp? sftp is so much more secure.

I would run sftp but most ppl i know don't know how to use ssh

 

[shade91]

The guy is trying to access root via FTP? Must not be an experienced hacker. Most ftp daemons by default disallow ftp access via root.

Why not run SFTP? I've noticed it to be considerably slower than regular FTP. A man-in-the-middle attack or sniffing the clear-FTP-text doesn't come easy either.