[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: port scan

My $0.02,

report to $scanners_isp and cc $your_isp

Provide facts and logs

do not make wild accusations or ranting speaches, in my experience
people who do so are almost always wrong :)  Like writing me about how
their ISP told them ai.mit.edu what the place to write to about some
thing from (we have 128.52/16)

on a single host it is hard to determine intent or accident, when I
see an outside host has made a scan of every ip in our range that
*means* something.

but a single host, if that is your only point of view or if it's a
highly visible system (www, ftp, smtp, pop, ns1) may mean something,
no harm in reporting it just for the record.

as a side note, people do tend to listen to my "official" email both
because of the return address and since alot of lab funding is
government money unauthorized access or elevation of privilege is a
federal (US) crime with a mandatory 6mo prison term, this doesn't really
happen from what I understand, but passing that along helps :)

no portscanning isn't a crime, but if one occurs the scan can be


Reply to: