Security Incidents mailing list archives

Re: @home: Is *anyone* really home there???


From: wozz+incidents () WOOKIE NET (Wozz)
Date: Mon, 28 Feb 2000 17:29:50 -0700


On Mon, Feb 28, 2000 at 03:37:02PM -0500, David Kennedy CISSP wrote:

nmap scans?
<insert tool name here> scans?
RPC probes?
DNS probes?
Trojan probes?
Queso/Operating System probes?
smurf/fragle/teardrop/land etc.?

other candidates?
PC Anywhere
Proxy probes, 1080, wingate, funk etc.?

All of the above are perfectly valid complaints and I wouldn't hesitate to act
on them.  My problem is with the tools that claim someone trying to send one
packet to your port 25 is a hacker looking to steal all your stuff.


It should also be clear that an autoresponse is better than no
response at all.  A boilerplate of "We are not usually able to respond
personally to each message received, but wish to assure you that we
investigate each report, and will take appropriate action in
accordance with our policies," (Sprint's autoresponse)  is good
enough.  How hard is that?


Its not, and this is something we are working on.  I've even considering a
auto-respond that asks users to go to a web page and fill out a form to
register a complaint, as that way I can be assured I have the information I
need to act upon, and don't have to waste everyone's time with followup
emails.


Current thread: