(Embedded
image moved
to file:
pic08534.pcx)
Agreed. But I was making a generic reference in the heat of being extremely
torqued off. Mea culpa.
Dan
As usual, the opinions expressed are mine alone.
-------------- In Response to --------------
From: Rogue Bolo <[EMAIL PROTECTED]> on 06/15/2000 08:43 AM
To: Dan R Dunn -CTR/Support/OUSD_AT@OUSD_AT
John Stevenson <[EMAIL PROTECTED]>
cc: "'hermit1'" <[EMAIL PROTECTED]>
[EMAIL PROTECTED]
Subject: RE: [FW1] hacker 194.73.175.25
I agree with you on every point you made with
exception of lumping hackers and crackers together.
They are very definitely not the same.
--- Dan R Dunn -CTR <[EMAIL PROTECTED]> wrote:
>
> (Embedded
> image moved
> to file:
> pic10108.pcx)
>
>
> Now there's a real thoughtful, mature suggestion.
> If all of us ping bombed
> everyone who scanned us every time we got scanned,
> nothing else would move on
> the Internet. Not to mention ping bombing a site
> (better known as a Denial of
> Service attack) is ILLEGAL in most civilized
> countries, including the US and
> Britain. Can we say law suit? Possible
> prosecution? I hope you're not
> expressing Southwest Security Group's official
> position on how to handle scans,
> intrusion attempts, etc. Your suggestion is the
> most irresponsible thing I've
> ever heard. I wonder what your ISP would think if
> they knew you advocated
> retaliatory strikes against possible probes? Or
> maybe your CIO/CEO should be
> informed of what you advocate. What you suggest
> makes you no better than the
> hackers/crackers/script kiddies out there.
>
> I'll get off my soapbox now.
>
> For hermit1: If you can't get in touch directly
> with bt.net, contact their
> up-channel ISP. You can usually get a response by
> sending an email to
> [EMAIL PROTECTED] or [EMAIL PROTECTED] NEVER
> attempt to retailate against
> a suspected probe. It could be an innocent
> misconfiguration, or as you
> suggested, the source address may be spoofed, in
> which case you just nuked the
> wrong source. Any retaliation, other than legal
> steps through proper channels,
> only lowers us to the level of the slime out there
> that has nothng better to do
> than to probe other people's networks.
>
-------------------------------------------------------------------------------
> Daniel R. (Dan) Dunn, EE
> Sr. INFOSEC Engineer, GRC Int'l (an AT&T company)
> OSD-ITD Firewall Administrator
> p: 703-614-8086, ext 300
>
> The opinions expressed by the author are entirely
> his own, and
> do not reflect those of AT&T, GRCI, Inc., or its
> subsidiaries,
> nor do they reflect policy, opinion, or endorsement
> by the
> US Department of Defense or any of its agencies.
>
> -------------- In Response to --------------
>
>
> From: John Stevenson <[EMAIL PROTECTED]> on
> 06/14/2000 04:29 PM
>
> To: "'hermit1'" <[EMAIL PROTECTED]>
> [EMAIL PROTECTED]
> cc:
> Subject: RE: [FW1] hacker 194.73.175.25
>
>
>
>
> PING BOMB THEM!
>
> -----Original Message-----
> From: hermit1 [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 14, 2000 2:54 PM
> To: [EMAIL PROTECTED]
> Subject: [FW1] hacker 194.73.175.25
>
>
>
> This is relevant only because my FW-1 logs show me
> this problem, but
> someone on this list must know the answer. I am
> trying to get in touch
> with someone at bt.net (apparently in England) to
> get them to stop scanning
> my address space (currently on scan number 4), or
> maybe someone is spoofing
> their IP address. The email addresses listed in
> RIPE do not exist.
>
> Any help will be appreciated.
>
> hermit1
>
>
>
> ***************************************************
> This is an email. Don't rely on anything seen here
> as being accurate without testing it yourself.
> ***************************************************
>
>
>
============================================================================
> ====
> To unsubscribe from this mailing list, please
> see the instructions at
>
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
> ====
>
>
>
================================================================================
> To unsubscribe from this mailing list, please
> see the instructions at
>
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
>
> ATTACHMENT part 2 application/octet-stream
name=pic10108.pcx
__________________________________________________
Do You Yahoo!?
Yahoo! Photos -- now, 100 FREE prints!
http://photos.yahoo.com
pic08534.pcx
