4 comments

[ 3.2 ms ] story [ 18.5 ms ] thread
We believe it is time to stand up to the hackers and spammers which is why we try to encourage people to be good netizens and report the abusive network traffic to their web servers.

Just CC your Logwatch reports to us and we will make sure the failed hacking attempts get reported to the appropriate ISP.

Do you know whether recurring attacks often come from the same attacking machines, so that there would actually be a significant decrease in the number or severity of the attacks ones the attackers are reported? What I'm wondering is if the money and effort spent on reporting the issues will benefit the one who's doing the work, or all network administrators everywhere? The latter might mean that the problem suffers from a version of the tragedy of the commons [1], where no one wants to do the work since the benefits are shared by everyone.

[1] http://en.wikipedia.org/wiki/Tragedy_of_the_commons

What we see so far is that large amounts of repeat attack do stem from the same ip:s, so shutting them down should lessen the overall amount of abusive traffic on the net as well as repeat abuse against your server(s).

For now, the service is completely free so we hope that server admins all over the world are willing to do large scale reporting of network abuse against their servers and that it will mean a decrease in abusive traffic. In the long run that would make it less viable to carry out these forms of attacks and lessening spam would certainly be something that benefitted everyone.

As a thanks for helping out with the reporting we also try to provide these server admins with some security tips which relate directly to their servers.

Very cool service. I can never be bothered reporting those damn hacking attempts and suspicious behaviour to ISP.