Combating Cyber Vandalism: A Guide for Web Users and Owners

When your personal firewall software detects suspicious activity, such as repeated probes from the same source, it’s crucial to take action. Here’s what you can do:

Review Firewall Logs: Examine the logs to understand the nature and frequency of the probes.
Contact Your ISP: Send the logs along with a detailed incident description to your Internet Service Provider (ISP). They may have the resources to investigate further.
Trace the IP Address: Use a tracing program to identify the source IP address. However, be cautious as this could expose your IP address to the attacker. Ensure your firewall is properly configured to minimize risks.
Notify the IP Owner: If you can pinpoint a repetitive address, inform the owner with a polite email. This could be an ISP or a company whose system might be compromised and used for the attack.

Crafting an Effective Incident Report Email

When reaching out to an ISP or IP owner, it’s important to be clear and concise. Here’s an example of how to structure your email:

Subject: Unauthorized Activity Detected from Your Service
Body: Include the date, time, and nature of the activity, along with your firewall logs and any trace results. Request their assistance in investigating