# Abuse reports



## bluetick (Sep 10, 2009)

When you get hammered for a couple of hours from the same ip.
Do you report the abuse to the email listed from whois???

I had one guy call me and thank me. He said at the time it occured they were closed. In checking his system, he found someone had remote access he did not know about.


----------



## saxon3049 (Sep 10, 2009)

I send to the service provider and then the contact listed via who.is


----------



## sand_man (Sep 11, 2009)

bluetick said:
			
		

> When you get hammered for a couple of hours from the same ip.
> Do you report the abuse to the email listed from whois???
> 
> I had one guy call me and thank me. He said at the time it occured they were closed. In checking his system, he found someone had remote access he did not know about.



Just out of curiosity. What are you serving that got hammered for a few hours?


----------



## dennylin93 (Sep 14, 2009)

I'm just gussing, but it might be SSH. I previously had thousands of failed logins before I used securirty/sshguard-pf.


----------



## bluetick (Sep 14, 2009)

Imap, average of 45-60 hits per second. I've started using pf with block of ip,


----------

