Actually, when my system gets scanned heavily, I often use InterNIC's
DNS records to get a technical contact at smaller schools and ISP's and
call the location directly. That usually always achieves some level of
acknowledgement.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 19, 1999 11:08 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED];
> [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: Netbus Scanner Response ?
>
>
> I'd say pretty slim! I can't even get responses from US
> ISP's! Hard to say why
> that port, probably thought no one would notice.
>
> Regards,
> Dennis Keller
> ADP Security Administrator
> DDSP-Z
> email: [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Joe Matusiewicz <[EMAIL PROTECTED]> at internet01
> Sent: Friday, March 19, 1999 10:18 AM
> To: [EMAIL PROTECTED] at internet01; Colin Campbell
> <[EMAIL PROTECTED]> at internet01; Joshua Chamas
> <[EMAIL PROTECTED]> at internet01
> Cc: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> at
> internet01
> Subject: RE: Netbus Scanner Response ?
>
>
> Its kinda funny we're discussing this. Just ten minutes ago
> I sent out an
> email about a scan from Japan that targeted 25 hosts on one
> of my networks
> that was targeted to port 2065. I'm puzzled by the choice of
> this port.
> But what do you think the odds are that someone in Japan will respond?
>
> -- Joe
>
>
> At 10:10 AM 3/19/99 -0500, Dominick Glavach wrote:
> >Joe:
> >
> >I agree. I would add that one should verfiy that the scan
> was not part
> >of a larger more successful attack before following up on
> the detected
> >attempt. -AND- document the all events for future reference.
> >
> >
> >--
> >-------------------------------------------------------------
> ----------
> >Dominick Glavach, IS Security/System Engineer
> [EMAIL PROTECTED]
> >Concurrent Technologies Corporation
> 814/269-2469
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
