On Fri, 13 Aug 2004 10:34:32 -0500 Steve Swantz <tclug at nwaalpa.org> wrote: > This guys script shows the attacker a list of other machines that > have attacked your box. IIRC (and feel free to correct me), a lot > of these attacks (default.ida?) are coming not from script kiddies > but automatically from machines that have been compromised. So in > effect, you're giving the attacker a ready made list of boxes that > may already have backdoors on them that they may be able to > exploit. That's a good point, I'd guess that the majority of these are coming from comprimised hosts. I think I'm going to .htaccess the full log and mod the script to just display the text without the IP's back to the user/script/whatever. josh _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list