Send an email to the abuse desk at the provider hosting that ip.Originally posted here by stanger
uh, heavy to find a good subject for this thread...
however...i will try carefully speaking about.
lets say,
you found a IP in your logfiles to many times,
portscanning your host, trying passwords and so on.
what would you do ?
You'll be walking on thin ice here. You DO run the risk of backfire.
yes, you would say:
"Let us have a look on it !"
"What ports are open there?"
let's say,
you scanned the host and the only thing you found compromisable
is a anonymous ftp server.
you would login to see whats goin on there, won't you?
but, and thats my question,
what would YOU do if you'd found a way related on the stored files there
to gain administrative rights on that host ?
would you tell the admin there how to compromise his machine ?
may be the machine is beeing used for bad things by UNKNOWN,
the admin could say that YOU have done all that **** there...!?
Just tell them what you saw in YOUR logs and have them figure out what happened.
Reply With Quote