Hi everyone,
Someone has been running (what appear to be) dictionary attacks against my server using (what appear to be) spoofed IP addresses. They haven't gotten through, and they won't with dictionary attacks (all user accounts have very good passwords), but this kind of thing is annoying.
I doubt there is anything I can do about this, but I thought I'd ask the group and see if any of you have ideas about what to do about this kind of thing.
In general, what do you guys do when your logs show someone attacking your server?
In a related vein, I administer a web/email/dns server for a friend of mine and his logs are showing spammers trying to relay messages through his machine. Of course, the relays are all denied, but this consumes server resources and network bandwidth. Again, any alternatives to just letting these kinds of things happen?
Thanks in advance,
Jim
Previous Topic
Index
