---

Frequenty Asked Questions

1. Who get blocklisted?

   We have a system that automatically detects intrusions. When too many attempts are detected on our machines, ALL our machines will automatically be protected against it.

   Possible intrusions are as follow:
   - Many failed attempts to access our system. Example of non obvious attempts are: repeated failed sftp, scriptedlogin, hidden malware, etc.
   - Your IP is registered in community based blocklist services like BadIps.com or blocklist.de
   - Other attempts to access that are deemed illegal. Example: using site penetration software, bruteforce attempts, etc.

2. Why is my machine still get blocklisted?

   Our system will keep instrusive IP numbers for about 2 days after the activity stops. Some IP numbers will permanently be blocklisted if it continues for many days or weeks. The only way to get out of the permanent blocklist is to send email to help@cs.rutgers.edu

3. Is there a way around this blocklist?

   YES. The way around the blocklist are:

   • Login to iLab machines using WebLogin (recommended) or Windows Remote Desktop.
   • Use University OIT VPN server. VPN server is University run service, please contact University HelpDesk if you need help with this service or software installation.

4. Where can I learn more about this blocklist system?

   The info about our intrusion system is available online at LCSR Systems SSH/RDP Attack page. This system tells you details of attacks being done to CS systems at present time.

---