On Thu, 2004-10-28 at 23:35 +1000, David wrote:
Here's a list of hack source addresses that
I've recorded over a period of two months:-
[...]
I checked one the other day and the IP was owned by a Korean
University.
And that's the problem. The majority of IP addresses you'll get are from
dial-up pools and other common uses. Blocking it permanently does no
good... the guy who attacked you is no longer there.
As an example, when I block IP addresses dynamically, I unblock them
after two days. I have almost *never* seen an IP address repeat itself,
and after a while I stopped even checking for repeats.
Cheers,
--
Rodolfo J. Paiz <rpaiz(a)simpaticus.com>