Re: Scan of TCP 552-554
From: Rodrigo Barbosa (rodrigob_at_suespammers.org)
Date: 07/31/03
- Previous message: Russell Fulton: "RE: Command Line RPC vulnerability scanner?"
- In reply to: Chris Shepherd: "Re: Scan of TCP 552-554"
- Next in thread: Nick Nauwelaerts: "RE: Scan of TCP 552-554"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 31 Jul 2003 17:00:25 -0300
To: Chris Shepherd <chriss@whstuart.com>
On Thu, Jul 31, 2003 at 08:42:27AM -0400, Chris Shepherd wrote:
> Quoting Rodrigo Barbosa <rodrigob@suespammers.org>:
> > You are right, of course. The thing I'm attempting is to make them
> > hit my traps faster, so I can react faster. And, as I said, I don't
> > think we should use the same method everywhere. Sometimes I use
> > DROP, sometimes I use tcp-reset and sometimes, icmp-replies.
> >
> > As far as I got from this discussion, every method is about as good
> > as the other. All have advantages and problems. The real question is
> > how to balance them all to have the most benefits of each one of them.
> > Care to comment on this one?
>
> In this case, it may make sense to keep your traps on a honeypot box. I'm having
> a bit of a difficult time understanding exactly what you mean by 'hit my traps
> faster, so I can react faster'. React how? What would your reaction to a port
> scan be? If you cite an example, I'll probably have a much clearer idea about
> what kinds of traps you're talking about. :)
Errr, filter the address or network on the border router? That is one.
Contacting the admin of the network about the scan is another.
[]s
--
Rodrigo Barbosa <rodrigob@suespammers.org>
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)