Hi, I just was hit by what I presume to be a "vulnerability" scanner. I saw numerous attacks which could not have been launched manually, that attempted webserver attacks against IIS, shopping cart software, and more, as well as a general port scan, cold fusion attacks, SNMP attacks, front page, web store, CGI and more in a span of 13 minutes. BlackIce reported tens of thousands of hits. The offending IP is from the 12.36.44.x block, AT&T Wordnet service backbone.
The probe/attack knocked me off the net at one point, flooding my connection: For 5 minutes a ping from a remote location got TTL expired messages, no route to host messages, etc. What vulnerability scanners are out there that will let you probe remote IPs like that? I'm in the 68. range. Any links/lists appreciated. My hunch, too, is nothing can really be done, other than securing my stuff. Thanks, Mike
