Re: Scans from proxyprotector.com

From: Kurt Seifried (bt_at_seifried.org)
Date: 05/27/03

Next message: Ray Stirbei: "Re: A question for the list..."

Previous message: Matt LaFelero: "Re: Possible Intrusion Attempt?"
In reply to: Rob Shein: "RE: Scans from proxyprotector.com"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Rob Shein" <shoten@starpower.net>, "'Mark Ng'" <laptopalias1-mark@informationintelligence.net>, "'Justin Pryzby'" <justinpryzby@users.sourceforge.net>
Date: Tue, 27 May 2003 12:22:15 -0700

If someone does that much spoofing, constantly, then the target is going to
get bombarded anyways. Plus this wouldn't be totally automated, attempts to
contact the "hostile" party would be made, etc. No system is perfect, but
that doesn't mean it can't be used. This type of activity already occurs, a
new network block was opened up (67 or 69? I can't remember) and many
systems are firewalling it (used to be a reserved, unused class A), or
companies that get assigned network blocks formerly used in asia. This type
of thing happens all the time.

Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/

----------------------------------------------------------------------------
----------------------------------------------------------------------------

Next message: Ray Stirbei: "Re: A question for the list..."

Previous message: Matt LaFelero: "Re: Possible Intrusion Attempt?"
In reply to: Rob Shein: "RE: Scans from proxyprotector.com"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]