Re: OT: port scan

To: debian-user@lists.debian.org
Subject: Re: OT: port scan
From: Pollywog <croak@shadypond.com>
Date: Tue, 28 Nov 2000 18:23:34 +0000 (UTC)
Message-id: <[🔎] 20001128182354.5ACF54D845@bullfrog.shadypond.com>
Reply-to: Pollywog <croak@shadypond.com>
In-reply-to: <[🔎] Pine.LNX.4.21.0011281212530.785-100000@intellx1.physics.uiuc.edu>
References: <[🔎] Pine.LNX.4.21.0011281212530.785-100000@intellx1.physics.uiuc.edu>

On Tue, 28 Nov 2000 12:15:39 -0600 (CST), Damian Menscher said:

>  > I usually do not report attempts to connect to single ports.
>  
>  You might want to keep in mind that scans of all ports are often just
>  general curiosity about what kind of stuff a computer is being used for,
>  while scans of a single port (on every machine in your subnet) is often
>  someone looking for a machine vulnerable to a *particular* exploit.  So
>  I'd say don't ignore the single-port scans.  They are as (or more)
>  serious.
I forgot to explain that I am on a dynamic IP address, and the reason I do
not bother with single port scans is that someone else on the same IP
address may have been running a server.  If I see scans to certain ports,
known to be searches for exploits, I always send the ISP the log entry.
>  
>  Of course, a connection to a single port on a single machine is probably
>  just some idiot who mistyped an IP address....

exactly, and I don't want to cause trouble needlessly.

--
Andrew

Reply to:

Follow-Ups:
- Re: OT: port scan
  - From: Robert Waldner <Waldner@KPNQwest.at>

References:
- Re: OT: port scan
  - From: Damian Menscher <menscher@uiuc.edu>

Prev by Date: Scanners, how?
Next by Date: Re: Gnome Sound Problems Continued
Previous by thread: Re: OT: port scan
Next by thread: Re: OT: port scan
Index(es):
- Date
- Thread