Re: Found, a new rootkit

On Friday 31 March 2006 14:08, Jacques B. wrote:
>> > We've cut our bandwidth use in half by getting rid of that.  We
>> > also checked the logs and added several dozen more addresses
>> > to /etc/hosts.deny, including many script based password guess
>> > attempts that didn't get in.  And put portsentry in its most
>> > paranoid anal mode with a few additions yet.
>
>Might have been set up to host a botnet.  A hacker will set up a rogue
>IRC server and then point his army of infected bots to it for
>instructions.  So you'll find a channel with thousands of users in a
>room, but nobody talking.  What you have are all infected machines
>monitoring the channel for commands from the hacker.  This gives the
>hacker a few layers of protection so very, very difficult to catch.
>They use these botnets to distribute spam, launch DDOS, or whatever
>else their imagination can come up with.  Either of those would
>contribute to an increase in bandwidth usage.

Humm, we were in fact subjected to a DDOS attack early last Sunday
morning, which led to the traffic server's demise & rebuild.
Got us listed at spamcop & our mail died.
>
>Jacques B.

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.

