james wrote:
: > I may be reaching here but I think perl scripting can do this. : : I wish. I've been experimenting with doing exactly that for years.
That is what I ment by "reaching", it was not intended to be a smart a** comment. How about mailing to abuse/postmaster@<domain> ? I realize that the postmaster/abuse account is often non-existent but at least you made the effort. To me the important thing is at least trying to notify. So the clueless miss out. Tuff. Those of us that care would like to know there is a problem, so we can solve it.
I have been laid off for a while now so I may be out of touch, but for all of the attacks I worked on, the only think we could know (emphasis "could") was which interface the attack vehicle arrived on, as a maximum. Everything else was forged, spoofed, or unintelligble. I was probably not filtering off traffic from you (for any value of "you"), I was filtering off stuff with your IP address in it.