Daniel,
Wouldn't surprise me. Often these kinds of things are done from
compromised hosts, so that they don't reveal the true identity of the
attacker (who, obviously, doesn't want to go to jail ;).
Regards,
Alex.
On Mon, 5 Mar 2001, [iso-8859-2] Szabó Dániel wrote:
Hello.
My packet filter
On Mon, Mar 05, 2001 at 11:37:17PM +0100, Szab? D?niel wrote:
Hello.
My packet filter ruleset catched somebody on port scanning one of our host.
He or she tryed to scan a very big port range from tcp 1 up to 32000 (think
with nmap), but my packet filter denied his/her queries (the kernel
On Tue, Mar 06, 2001 at 01:12:46AM +, Tim Haynes wrote:
It's also possible that someone is just exploring.
Then they need educating that scanning such a vast range of ports is an
unacceptable definition of `exploring'.
Well, that's your opinion. I don't know that I agree ...
Well, as a network administrator, I feel thusly:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
Of Tim Haynes
Subject: Re: i've been port scanned. now what
Nathan E Norman [EMAIL PROTECTED] writes:
[snip]
[...]
Sure, but I hope you didn't let rip
Hello.
My packet filter ruleset catched somebody on port scanning one of our host.
He or she tryed to scan a very big port range from tcp 1 up to 32000 (think
with nmap), but my packet filter denied his/her queries (the kernel
generated 1 mb log in 3 minutes with the denied packets). I have
On Mon, Mar 05, 2001 at 11:37:17PM +0100, Szab? D?niel wrote:
Hello.
My packet filter ruleset catched somebody on port scanning one of our host.
He or she tryed to scan a very big port range from tcp 1 up to 32000 (think
with nmap), but my packet filter denied his/her queries (the kernel
On Mon, Mar 05, 2001 at 11:37:17PM +0100, Szabó Dániel wrote:
Hello.
My packet filter ruleset catched somebody on port scanning one of our host.
He or she tryed to scan a very big port range from tcp 1 up to 32000 (think
with nmap), but my packet filter denied his/her queries (the kernel
Nathan E Norman [EMAIL PROTECTED] writes:
[snip]
Well, that all depends ... do you consider port scanning criminal
activity or not?
I do not - I think you should view a port scan as a possible indication
that someone intends to attack you.
Agreed.
It's also possible that someone is just
On Mon, Mar 05, 2001 at 11:37:17PM +0100, Szab? D?niel [EMAIL PROTECTED]
wrote:
My packet filter ruleset catched somebody on port scanning one of our host.
He or she tryed to scan a very big port range from tcp 1 up to 32000 (think
with nmap), but my packet filter denied his/her queries (the
On Tue, Mar 06, 2001 at 01:12:46AM +, Tim Haynes wrote:
It's also possible that someone is just exploring.
Then they need educating that scanning such a vast range of ports is an
unacceptable definition of `exploring'.
Well, that's your opinion. I don't know that I agree ... presumably
Well, as a network administrator, I feel thusly:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf
Of Tim Haynes
Subject: Re: i've been port scanned. now what
Nathan E Norman [EMAIL PROTECTED] writes:
[snip]
[...]
Sure, but I hope you didn't let rip
11 matches
Mail list logo