on Tue, Nov 28, 2000 at 10:03:08PM +0100, Philipp Schulte (p.schulte@matrix.uni-duisburg.de) wrote: > On Tue, Nov 28, 2000 at 12:35:27PM -0800, kmself@ix.netcom.com wrote: > > > > But what kind of pressure can $your_provider put on a portscanner from > > > $evil_provider? > > > Phil > > > > Domain-level blocking of...mail, news, DNS.... > > Show me the ISP that is willing to take these steps because of a > portscanning script-kiddie. portsanning is not even illegal here in I scan myself, routinely, particularly in tracking down spam boxes. 'Fact, I've created a little script to automate some datagathering, attached. I also will occasionally scan through the address space my dialup system is on to try to locate it, doing a targeted scan on port 22, when my other locating systems fail. I can then attempt logins on the very small (0.1%) of systems indicatin open services on that port. Portscanning itself isn't necessarily evil. As a larger pattern of behavior, however, it can indicate problems. Where these problems aren't being addressed by system or ISP owners, actions may be taken. -- Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself Evangelist, Zelerate, Inc. http://www.zelerate.org What part of "Gestalt" don't you understand? There is no K5 cabal http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org
#!/bin/sh PATH=/usr/bin:/bin:/usr/sbin:/sbin # Get some data on a spam-orginating host, specify by IP. # enable sudo sudo -v echo "ping check:" ping -c 2 $@ echo -e "\nRBL relays check:" rblcheck $@ echo -e "\nHost name resolution:" nslookup $@ echo -e "\nTraceroute:" traceroute $@ echo -e "\nOpen ports and OS:" sudo nmap -sS -O $@
Attachment:
pgpCc5FI2T5Rr.pgp
Description: PGP signature