[Dshield] preventing brute force with spoof / proxied (Goldeneye etc.)

Frank Rizzo frankrizzocalled at hotmail.com
Thu May 23 00:15:57 GMT 2002

>>Do the proxies happen to be displaying his IP in the "X-Forwarded-For" 
>>HTTP header?  I realize some proxies don't send that header, but if these 

Unfortunately no. The thing with these brute force programs is that they 
test for proxies that dont have the x-forwarded-for on. When they look for 
proxies they get like green lights and black lights to show which proxies to 

I tell you I have emailed over 100 webmaster/hostmaster/abuse/personalnames 
obtained from whois lookups the past 3 nights. I'm requesting they check 
their logs to give me the true IP address (as long as its not spoofed or 
proxied from a proxy)

Someone tell me fight back works. I'm not seeing the results yet.

Send and receive Hotmail on your mobile device: http://mobile.msn.com

More information about the list mailing list