Cracking attempt

To: debian-isp@lists.debian.org
Subject: Cracking attempt
From: "Rod Rodolico" <stargazer@dailydata.net>
Date: Sun, 23 Feb 2003 20:36:05 -0600 (CST)
Message-id: <61874.67.66.8.41.1046054165.squirrel@client.dailydata.net>
Reply-to: stargazer@dailydata.net

Ok, the other day someone scanned the ports from 3102 to 3230 on my
server. My firewall picked it up and told me about it. I have the
originating IP, date/time, etc...

Question: What do you suggest I do about it? I've already contacted the
owner of the IP's (cox.net) but really don't know what they will do. I was
torn between "Gee, the firewall does work" and "I'd love to catch the
sucker." Have no idea what they were looking for as services lists
Interbase and Squid in that range.

Suggestions?

Rod


-- 
1.79 x 10^12 furlongs per fortnight -- it's not just a good idea, it's the
law!

Reply to:

Follow-Ups:
- Re: Cracking attempt
  - From: Sis <sis@helpalert.com>
- Re: Cracking attempt
  - From: "Jason Lim" <maillist@jasonlim.com>

Prev by Date: OpenLDAP and SMP machines
Next by Date: Debian Friendly ISP web page
Previous by thread: OpenLDAP and SMP machines
Next by thread: Re: Cracking attempt
Index(es):
- Date
- Thread