Many sites send a relatively curteous mail to the site or isp that
summarizes that logs and states that you detected a portscan and consider
this bad behavior, and would like the site to check to ensure that they have
not been compromised. This assists sites that are being used as jumping off
points to identify that they have been had.
It's important not to be discourteous, because you may incure the wrath of
some admins that will flame you to death.
Dion Stempfley
-----Original Message-----
From: Barry Hudson
To: nmap-hackers_at_insecure.org
Sent: 5/23/00 9:35 AM
Subject: can/should
As a new firewall admin I have a question for the white hats. I log
port scans and do a whois to locate the ISP that owns the ip address.
My questions is what else
can/should be done. I have no other reason to believe they got through
or committed any crime. What else are you guys doing? I hope this is
not to far off topic.
Barry S. Hudson
Network Systems Manager
Fredericksburg Savings Bank
www.fsbnk.com
Business Email - bhudson_at_fsbnk.com
All Other Email - barryhudson_at_compuserve.com
This email is intended for the addressee only. The material may be
privileged and confidential information. If you have received this
email in error, please notify me immediately by email and delete the
original. Thank you.
Received on May 24 2000
Intro
