5170 intrussions

It's incredible. I have just set up a w2k box, plus a firewall to stop stupid people with their infected computers to annoy me. In just few hours I have had more than 5000 attempts to connect to my computer through well known ports like 445, 5000, etc.

Looking at the firewall log, it can be clearly seen that almost all the intrusion attempts come from this very subnetwork (eresmas... aka wanadoo... aka uni2), thus generating a great amount of useless network traffic. Maybe the ISP should block or filter somehow this kind of packets.

Well, I know that could imply an attack against each client privacy - I never gave permission to my isp to read the packets my computer sends. But in any case, and as far as I can remember from my studies... it is possible for a TCP implementation to find out to which port is a packet addressed, without reading the packet contents (that is what should considered as a privacy intrusion), and then filter it - that's how firewalls work, roughly...

So maybe it could be possible to build an ISP software filter that detects when a user/computer sends packets addressed to the same port to entire ip ranges and then block subsequent accesses once reached a given number or something like that.

Maybe the spanish information techonologies lawyers should focus their efforts on this kind of crime and not the peer to peer (p2p) and related stuff which are much more sensationalist and spectacular, but that are not as pernicious as they told us.