Re: OT: port scan

To: debian-user@lists.debian.org
Subject: Re: OT: port scan
From: Pollywog <croak@shadypond.com>
Date: Tue, 28 Nov 2000 16:59:04 +0000 (UTC)
Message-id: <[🔎] 20001128170605.8A2864D845@bullfrog.shadypond.com>
Reply-to: Pollywog <croak@shadypond.com>
In-reply-to: <[🔎] Pine.LNX.4.21.0011281435140.24512-100000@curiango.ipen.br>
References: <[🔎] Pine.LNX.4.21.0011281435140.24512-100000@curiango.ipen.br>

On Tue, 28 Nov 2000 14:40:09 -0200 (EDT), Mario Olimpio de Menezes said:

> 
>  Hi,
>  
>  	One computer where I have Debian installed was scanned
>  recently. Someone probed several ports (~20), maybe trying to determine
>  the running OS (something like nmap does).
>  	Do you think this *IS* an attack? I mean, should I report this
>  as *AN* attack?

If someone scans several ports, I usually do report it to their ISP,
sending them log excerpts that include the time they occurred and also my
time zone as reported by my computer.  The ISP would probably warn the
customer and even terminate the customer's account if they believe the
customer was up to no good.

I usually do not report attempts to connect to single ports.

--
Andrew

Reply to:

Follow-Ups:
- Re: OT: port scan
  - From: Damian Menscher <menscher@uiuc.edu>
- Re: OT: port scan
  - From: Philipp Schulte <p.schulte@matrix.uni-duisburg.de>
- Re: OT: port scan
  - From: Robert Waldner <Waldner@KPNQwest.at>

References:
- OT: port scan
  - From: Mario Olimpio de Menezes <mario@curiango.ipen.br>

Prev by Date: Re: Apache-SSL: NameVirtualHosts: separate certificates?
Next by Date: Re: password, username in .muttrc
Previous by thread: Re: OT: port scan
Next by thread: Re: OT: port scan
Index(es):
- Date
- Thread