FW: Legal? Road Runner proactive scanning.[Scanned]

From: James P. Saveker (james_at_wetgoat.net)
Date: 03/11/04

  • Next message: Austin Moran: "Source of hack attemps" 
    Date: Thu, 11 Mar 2004 22:08:27 -0000
To: <security-basics@securityfocus.com>

    You consider a port scan to be an attack?

    Why is a port scan an attack? Do other people on this list agree with this?

    Perhaps I am naive,

    James Saveker
    www.wetgoat.net

    "The only thing which helps me maintain my slender grip on reality is the
    friendship I share with my collection of singing potatoes..."

    This e-mail has been virus checked by Sophos Mail Monitor. There are
    inherent dangers in the opening any Attachments contained within e-mails.
    wetgoat.net cautions you to make sure that you completely understand the
    potential risks before opening any of the Attachments. You are solely
    responsible for adequate protection and backup of the data and equipment
    used in connection with this e-mail service, and wetgoat.net will not be
    liable for any damages that you may suffer in connection with using,
    modifying or distributing any of the Attachments.

    -----Original Message-----
    From: Bryan S. Sampsel [mailto:bsampsel@libertyactivist.org]
    Sent: 10 March 2004 23:59
    To: security-basics@securityfocus.com
    Subject: Re: Legal? Road Runner proactive scanning.[Scanned]

    I've had entries from that system performing port scans...not simply SMTP
    relay checking.

    I think it's time to block 'em at the firewall, as I consider this
    tantamount to an attack myself.

    IMO,

    bryan

    Greg said:
    > We saw the same thing about a year ago and contacted them. They
    > basically read to us verbatim what you have below. We now simply block
    > that particular IP at the firewall. They haven't bothered us since.
    >
    > --- jbod <for_the_republic@yahoo.com> wrote:
    >> Proactive scanning. If everyone did this how would you ever sort
    >> through your logs? Your IDS would go nuts constantly.
    >>
    >> Excerpt: "If your server connects to ours, we reserve the absolute
    >> right to perform SMTP relay and open proxy server tests upon the
    >> connecting IP address, to ensure that the machine at that IP address
    >> cannot be abused for malicious purposes."
    >>
    >>
    >> http://securityscan.sec.rr.com/probing.htm
    >> http://24.30.199.228/probing.htm
    >>
    >
    > __________________________________
    > Do you Yahoo!?
    > Yahoo! Search - Find what you're looking for faster
    > http://search.yahoo.com
    >
    > ----------------------------------------------------------------------
    > ----- Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off any course! All of our class sizes are guaranteed to be
    > 10 students or less to facilitate one-on-one interaction with one of
    > our expert instructors.
    > Attend a course taught by an expert instructor with years of
    > in-the-field pen testing experience in our state of the art hacking
    > lab. Master the skills of an Ethical Hacker to better assess the
    > security of your organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > ----------------------------------------------------------------------
    > ------
    >

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the
    skills of an Ethical Hacker to better assess the security of your
    organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------

  • Next message: Austin Moran: "Source of hack attemps"

    Relevant Pages

    • RE: Strange loopback in firefox.
      ... described as heavy attack from outside IP addresses. ... either using the Microsoft_DS port or epmap port to connect). ... For example a connection from port 3014 to 3015 and the next ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Security-Basics)
    • RE: Legal? Road Runner proactive scanning.[Scanned]
      ... I do not consider port-scanning in and of itself to be an attack. ... > Attend a course taught by an expert instructor with years of ... Master the skills of an Ethical Hacker to better assess the ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Security-Basics)
    • RE: Preventing DDOS Syn floods on HTTP servers
      ... but won't stop any big attack. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Dos Attack
      ... Subject: Dos Attack ... 1A0B from outside of your ISP, or even from outside of New Zealand - ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: locking down snort
      ... When setting up snort the best method is ... Also in larger networks the sniffer management port can sit on the ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)