Is my ISP hacked? (more explanations)
Hello again,
About the three ping of the secondary DNS of my ISP every nearly ten minutes...
Please note that between 3 and 3 pings there is always near 10 minutes, but
it does not take 10 minutes from the beginning of my connection, it can be 1,
2, 5, 7 minutes, any value of time... THIS SEEMS A SCANNER NOT TRIGGERED BY MY
CONNECTION !!!
I THINK:
If I were a hacker I would hack an ISP (big bandwidth, fiber optic connection to
inet...), the secondary DNS is a good target.
Then obviously I will not use their IP to attack others... It is just like
cry "Ei, I have hacked this ISP!!!" and good-bye to the big bandwidth...
I would scan the dynamic IP range of him with "usuall" pings looking for
someone connected, then I would send it a packet to pop3 of another machine
(for example), just expecting to see if the packet returns masqueraded.
WHAT I'M LOOKING FOR is a Linux box with masquerade and without a proper
firewall!!! (sure there are a lot of these, nowadays everyone in probing
Linux...)
If I found one I would use it to attack freely, no one will find me!!!
All me attacks were masqueraded with the dynamic IP of another...
And why three ping and not just one? It looks like an ISP policy more than a
cracker scaning!
THEN:
Or I'm getting absolutely paranoid (and I should be closed urgently)
Or he is a monster and very clever...
- What do you think? (ok I should be closed... but what about the other? ;-)
Please excuse me if I'm saying silly things...
Best regards,
--
--------------------------------
Manel Marin e-mail: uni00771@pc-internet.com
Linux Powered (Debian 2.0)
--------------------------------
Reply to: