Home page logo
/

basics logo Security Basics mailing list archives

FW: Legal? Road Runner proactive scanning.[Scanned]
From: "James P. Saveker" <james () wetgoat net>
Date: Thu, 11 Mar 2004 22:08:27 -0000

You consider a port scan to be an attack?

Why is a port scan an attack?  Do other people on this list agree with this?

Perhaps I am naive,

James Saveker
www.wetgoat.net 

"The only thing which helps me maintain my slender grip on reality is the
friendship I share with my collection of singing potatoes..."

This e-mail has been virus checked by Sophos Mail Monitor. There are
inherent dangers in the opening any Attachments contained within e-mails.
wetgoat.net cautions you to make sure that you completely understand the
potential risks before opening any of the Attachments. You are solely
responsible for adequate protection and backup of the data and equipment
used in connection with this e-mail service, and wetgoat.net will not be
liable for any damages that you may suffer in connection with using,
modifying or distributing any of the Attachments.


-----Original Message-----
From: Bryan S. Sampsel [mailto:bsampsel () libertyactivist org] 
Sent: 10 March 2004 23:59
To: security-basics () securityfocus com
Subject: Re: Legal? Road Runner proactive scanning.[Scanned]

I've had entries from that system performing port scans...not simply SMTP
relay checking.

I think it's time to block 'em at the firewall, as I consider this
tantamount to an attack myself.

IMO,

bryan



Greg said:
We saw the same thing about a year ago and contacted them. They 
basically read to us verbatim what you have below. We now simply block 
that particular IP at the firewall. They haven't bothered us since.

--- jbod <for_the_republic () yahoo com> wrote:
Proactive scanning.  If everyone did this how would you ever sort 
through your logs?  Your IDS would go nuts constantly.

Excerpt:  "If your server connects to ours, we reserve the absolute 
right to perform SMTP relay and open proxy server tests upon the 
connecting IP address, to ensure that the machine at that IP address 
cannot be abused for malicious purposes."


http://securityscan.sec.rr.com/probing.htm
http://24.30.199.228/probing.htm


__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you're looking for faster 
http://search.yahoo.com

----------------------------------------------------------------------
----- Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off any course! All of our class sizes are guaranteed to be 
10 students or less to facilitate one-on-one interaction with one of 
our expert instructors.
Attend a course taught by an expert instructor with years of 
in-the-field pen testing experience in our state of the art hacking 
lab. Master the skills of an Ethical Hacker to better assess the 
security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------
------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills of an Ethical Hacker to better assess the security of your
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


Attachment: smime.p7s
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault