> > What makes me curious is the fact that no ip came from the same
> > geographical area. Literraly the ips resolved to machines
> from all the
> > continents of the world! As if I was under global attack! :-)
> > Of course these could be spoofed, but surely that is a
> really tough feat
> > just for port-scanning.
>
> It's also conceivable that the scanning machines were actually
> compromised themselves, and that the scanning was being done
> automatically in an attempt to find more target boxes.
And that's why IMHO you should report portscanning so maybe people
notice there box is compromised. If gotten alot of glad answers from
people telling me the box portscanning me was compromised and there
very glad i told them.
Maybe not a aggressive letter but just a notice to them.