[ previous ] [ next ] [ threads ]
 
 From:  Michel Servaes <michel at mcmc dot be>
 To:  Monowall User List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  automatic change of ip when possible hacker...
 Date:  Sun, 20 Jan 2008 01:00:51 +0100
Hi,

Would it be possible to change IP (automatically) when the firewall 
notices a possible breach ?
Today I noticed in my log, multiple tries to several ports (known to be 
ports of other firewalls)... 3128, 8000, 8080, 8088, 8888   (they all 
originate from the same ip)

It would be nice that some kind of rule would detect this - and when 
rechecking them (on the same ports he used, I came nowhere)... but when 
checking pure on http, I arrived at a website asphost  (some polish 
company).

I immediately changed my MAC address, since this looked like a possible 
hacker trying to enter... That way my ISP changes my IP as well, but 
this sure would be a nifty way to avoid a hacker if this action would 
take place automatically (obviously only for people with a dynamic ip)

Kind regards,
Michel