Monday, April 19, 2010
So heard this story on NPR a few days back http://www.npr.org/templates/story/story.php?storyId=125578576 titled Cyber Insecurity: U.S. Struggles To Confront Threat and then heard Richard Clarke on Fresh Air today talking about 'The Growing Cyberwar Threat', can hear it hear http://www.npr.org/templates/story/story.php?storyId=126097038. I got to thinking how on my home box, which is running Fedora Linux, has port 22 open on the cable modem for ssh access and how I see attempts to connect to my system. I from time to time check /var/log/secure for IP address and I will do a nslookup with most of the time the results coming back as Asia or the former Soviet Union. Now from time to time I will send an e-mail to the admin of the system and let him know that someone is running a bot on his system or there is a script kiddie I then will also let Comcast, my ISP provider, know about the attempts. 100% of the time I get no response from anyone. My thought is would not it be a good thing if people could report attacks either on their own, like me submitting my secure logs, or via some sort of automated mechanism to the government so they could track the attacks?