On Tue, Mar 06, 2001 at 01:12:46AM +0000, Tim Haynes wrote: > > It's also possible that someone is just exploring. > > Then they need educating that scanning such a vast range of ports is an > unacceptable definition of `exploring'. Well, that's your opinion. I don't know that I agree ... presumably I've already tied down my services; why do I care if someone is checking which ports are open? When I did see an extensive portscan I usually fired off one of my own to see what was up at that end. More often than not it turned out to be a misconfigured monitoring box (ever seen Whatsup at work?) OTOH I'll always defend your right to apply your opinion to your machines; if you want to get after someone who's portscanning your machines I won't stop you :) > > As a former network administrator I wasn't too worried about portscans > > unless they were followed up with actual connections. I also used > > portscans when needed to discover what users on the network were up to. > > Sure, but I hope you didn't let rip with them on other networks or sections > of network over which you didn't have control. We had a /18; I had plenty of IPs to keep an eye on. Some people were less cooperative than others. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Inc. | than a perfect plan tomorrow. mailto:nnorman@micromuse.com | -- Patton
Attachment:
pgpYgPljKLpRF.pgp
Description: PGP signature