I agree with you, but if you send it to their abuse mail for example
[EMAIL PROTECTED]
they can take it from there and make sure who is or is not the real
source. Sometimes it works well and they report back that they have
had it out with the guy.
----- Original Message -----
From: "LiquidK" <[EMAIL PROTECTED]>
To: "Floyd Moore" <[EMAIL PROTECTED]>
Cc: "Firewalls Mailing List" <[EMAIL PROTECTED]>
Sent: Sunday, February 20, 2000 11:25 AM
Subject: Re: Someone is scanning me
On Fri, Feb 18, 2000 at 03:17:41PM -0500, Floyd Moore wrote:
> I agree every one of the buggers should be reported. At least
Twenty
> Scans for Trojans are recorded here every week. It's a disgrace and
we
> can all assist in wiping it out by tracking and reporting them.
Assuming tracking is possible. If you report on the basis that
the source address of the portscan is really the source address of the
person
portscanning you (or forging a portscan), I would use Queen Amidala's
words:
You assume too much.
Forging portscans is trivial. Don't always assume and start reporting/
demading responsability from an ISP just becase you received a probe
with the
source address of that ISP. If your main sources of information are
unrealiable,
then your assumptions will be unreliable too.
Regards,
LiquidK
--
LiquidK <[EMAIL PROTECTED]>
http://superbofh.org/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
