Home page logo
/

basics logo Security Basics mailing list archives

RE: Legal? Road Runner proactive scanning.[Scanned]
From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 11 Mar 2004 17:23:14 -0800

  The last time I was port-scanned by an ISP,

(a) it was one I was no longer using,

(b) it was from a pod of machines named after famous pirates and
    gangsters, and

(c) when contacted, they claimed they had only meant to check their
    own internal systems, not those of (ex) customers.

Dave Gillett


-----Original Message-----
From: James P. Saveker [mailto:james () wetgoat net]
Sent: Thursday, March 11, 2004 2:08 PM
To: security-basics () securityfocus com
Subject: FW: Legal? Road Runner proactive scanning.[Scanned]


You consider a port scan to be an attack?

Why is a port scan an attack?  Do other people on this list 
agree with this?

Perhaps I am naive,

James Saveker
www.wetgoat.net 

"The only thing which helps me maintain my slender grip on 
reality is the
friendship I share with my collection of singing potatoes..."

This e-mail has been virus checked by Sophos Mail Monitor. There are
inherent dangers in the opening any Attachments contained 
within e-mails.
wetgoat.net cautions you to make sure that you completely 
understand the
potential risks before opening any of the Attachments. You are solely
responsible for adequate protection and backup of the data 
and equipment
used in connection with this e-mail service, and wetgoat.net 
will not be
liable for any damages that you may suffer in connection with using,
modifying or distributing any of the Attachments.


-----Original Message-----
From: Bryan S. Sampsel [mailto:bsampsel () libertyactivist org] 
Sent: 10 March 2004 23:59
To: security-basics () securityfocus com
Subject: Re: Legal? Road Runner proactive scanning.[Scanned]

I've had entries from that system performing port scans...not 
simply SMTP
relay checking.

I think it's time to block 'em at the firewall, as I consider this
tantamount to an attack myself.

IMO,

bryan



Greg said:
We saw the same thing about a year ago and contacted them. They 
basically read to us verbatim what you have below. We now 
simply block 
that particular IP at the firewall. They haven't bothered us since.

--- jbod <for_the_republic () yahoo com> wrote:
Proactive scanning.  If everyone did this how would you ever sort 
through your logs?  Your IDS would go nuts constantly.

Excerpt:  "If your server connects to ours, we reserve the 
absolute 
right to perform SMTP relay and open proxy server tests upon the 
connecting IP address, to ensure that the machine at that 
IP address 
cannot be abused for malicious purposes."


http://securityscan.sec.rr.com/probing.htm
http://24.30.199.228/probing.htm


__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you're looking for faster 
http://search.yahoo.com


----------------------------------------------------------------------
----- Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off any course! All of our class sizes are 
guaranteed to be 
10 students or less to facilitate one-on-one interaction 
with one of 
our expert instructors.
Attend a course taught by an expert instructor with years of 
in-the-field pen testing experience in our state of the art hacking 
lab. Master the skills of an Ethical Hacker to better assess the 
security of your organization.
Visit us at:

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------
------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills of an Ethical Hacker to better assess the security of your
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]