off topic: reporting attempts to access computers

[GESBBB]

> From: Andrew Gould andrewlylegould at gmail.com
> 
> What information should I send to an abuse@* address when reporting a
> break-in attempt?
> 
> My logs show a dictionary attack of invalid user names against port 22.  I
> obtained an abuse@* email address using 'whois' and reported the beginning
> and ending date/times and the originating IP address.
> 
> Is there any other information I need to send?  Is there someone else I
> should notify?
> 
> Most of the attacks I receive are from other continents, so I just block the
> network range found via 'whois'.  In this case, the IP address is fairly
> local, so I'm hesitant to block the entire range.

There are some applications that you might want to install that can help. Personally, I have found reporting the abuse virtually useless. I use to just include the entire log with the data that pertained to the user in question; however, that just proved a waste of time.

If you are using 'passwords' to access your account, you might want to consider using certificates instead. That is far safer than using a password that eventually can be cracked.

-- 
Jerry