Home page logo
/

basics logo Security Basics mailing list archives

RE: Legal? Road Runner proactive scanning.[Scanned]
From: James.Fields () bcbsfl com
Date: Fri, 12 Mar 2004 07:42:31 -0500

I do not consider port-scanning in and of itself to be an attack.  I do
consider it a possible precursor to one;  I choose to automatically shun
the sources of these.  

-----Original Message-----
From: James P. Saveker [mailto:james () wetgoat net] 
Sent: Thursday, March 11, 2004 5:08 PM
To: security-basics () securityfocus com
Subject: FW: Legal? Road Runner proactive scanning.[Scanned]

You consider a port scan to be an attack?

Why is a port scan an attack?  Do other people on this list agree with
this?

Perhaps I am naive,

James Saveker
www.wetgoat.net 

"The only thing which helps me maintain my slender grip on reality is
the
friendship I share with my collection of singing potatoes..."

This e-mail has been virus checked by Sophos Mail Monitor. There are
inherent dangers in the opening any Attachments contained within
e-mails.
wetgoat.net cautions you to make sure that you completely understand the
potential risks before opening any of the Attachments. You are solely
responsible for adequate protection and backup of the data and equipment
used in connection with this e-mail service, and wetgoat.net will not be
liable for any damages that you may suffer in connection with using,
modifying or distributing any of the Attachments.


-----Original Message-----
From: Bryan S. Sampsel [mailto:bsampsel () libertyactivist org] 
Sent: 10 March 2004 23:59
To: security-basics () securityfocus com
Subject: Re: Legal? Road Runner proactive scanning.[Scanned]

I've had entries from that system performing port scans...not simply
SMTP
relay checking.

I think it's time to block 'em at the firewall, as I consider this
tantamount to an attack myself.

IMO,

bryan



Greg said:
We saw the same thing about a year ago and contacted them. They 
basically read to us verbatim what you have below. We now simply block

that particular IP at the firewall. They haven't bothered us since.

--- jbod <for_the_republic () yahoo com> wrote:
Proactive scanning.  If everyone did this how would you ever sort 
through your logs?  Your IDS would go nuts constantly.

Excerpt:  "If your server connects to ours, we reserve the absolute 
right to perform SMTP relay and open proxy server tests upon the 
connecting IP address, to ensure that the machine at that IP address 
cannot be abused for malicious purposes."


http://securityscan.sec.rr.com/probing.htm
http://24.30.199.228/probing.htm


__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you're looking for faster 
http://search.yahoo.com

----------------------------------------------------------------------
----- Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off any course! All of our class sizes are guaranteed to be 
10 students or less to facilitate one-on-one interaction with one of 
our expert instructors.
Attend a course taught by an expert instructor with years of 
in-the-field pen testing experience in our state of the art hacking 
lab. Master the skills of an Ethical Hacker to better assess the 
security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------
------



------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills of an Ethical Hacker to better assess the security of your
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----




Blue Cross Blue Shield of Florida, Inc., and its subsidiary and affiliate companies are not responsible for errors or 
omissions in this e-mail message. Any personal comments made in this e-mail do not reflect the views of Blue Cross Blue 
Shield of Florida, Inc.  The information contained in this document may be confidential and intended solely for the use 
of the individual or entity to whom it is addressed.  This document may contain material that is privileged or 
protected from disclosure under applicable law.  If you are not the intended recipient or the individual responsible 
for delivering to the intended recipient, please (1) be advised that any use, dissemination, forwarding, or copying of 
this document IS STRICTLY PROHIBITED; and (2) notify sender immediately by telephone and destroy the document. THANK 
YOU.



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault