Security Incidents mailing list archives

Re: blackholing t-dialin.net? sympatico.ca?

From: Steffen Dettmer <steffen () dett de>
Date: Thu, 8 Mar 2001 22:34:34 +0100

* Jose Nazario wrote on Wed, Mar 07, 2001 at 15:33 -0500:

well, like many of you, i continue to receive FTP and sometimes telnetd
sweeps from sympatico.ca and t-dialin.net. so far i haven't had a

t-dialin.net, however, has been the source of many probes for many of us
on this list, yet a quick attempt to find their AUP leaves me lacking.
(was it t-dialin.net who has the 'port scans are ok with us!' AUP?)


Please note, that T-Online has a lot of dial up accounts, it's
the largest provider in germany. For me it sounds a little bit
like blackholing AOL or a Topleveldomain completly.

still, this situation continues. is it worth starting to block their
dialin netblocks?


Do you think that this would help you a lot? If so, then block
it, but better block anything that's not needed. Don't use
telnet, and block it at the outer firewall, and use a few FTP
servers only, and block access to the rest of the servers. This
keeps the services usable and your network more secure I think.

oki,

Steffen

-- 
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

Current thread:

blackholing t-dialin.net? sympatico.ca? Jose Nazario (Mar 07)
- Re: blackholing t-dialin.net? sympatico.ca? Daniel R. Warner (Mar 07)
- AW: blackholing t-dialin.net? sympatico.ca? Jens Thiel (Mar 07)
- Re: blackholing t-dialin.net? sympatico.ca? Steffen Dettmer (Mar 09)
- <Possible follow-ups>
- Re: blackholing t-dialin.net? sympatico.ca? Bill Royds (Mar 07)
- Re: blackholing t-dialin.net? sympatico.ca? Robert G. Ferrell (Mar 08)
  - Re: blackholing t-dialin.net? sympatico.ca? Jose Nazario (Mar 08)