Quoting Rudie (rudie at sihope.com): > On Thursday 19 July 2001 04:54 pm, you wrote: > > Needless to say, if you see these attacks coming from various > > places, you should try to let them know they have been infected. > > > > dsc > > > A lot of time spent looking up IP's, emailing sysadmins, and most of these > appear to be on foreign soil. > Only a few of these on my list have been here in the states Just ride it out. The IPs are overseas because it makes it even harder to resolve any problems. You got time difference, language difference, cultural differences and let's face it, many countries just do not like the US so they don't want to help. To top it all off, the source address are probably spoofed. Just another reason NOT to run IIS in my opinion. -- Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 http://www.mn-linux.org | Fax : (952)943-8500 Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9