Re: Attack Detected
- From: ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin)
- Date: Thu, 28 Dec 2006 14:01:23 -0600
On Thu, 28 Dec 2006, in the Usenet newsgroup comp.security.firewalls, in article
<4593ea1d$0$17135$4c368faf@xxxxxxxxxxxxxx>, Leythos wrote:
Port scans ARE targeting YOU as they are scanning YOUR network - just
because they are scanning everyone else doesn't mean they are not
Yes, it was, it was "semantics" to say that the scans were not targeting
individuals and to think that they don't really mean anything.
The comment is more for those individuals who, on seeing numerous
"attack" warnings from their personal firewall, believe that all the
attacks are targeting them specifically. I didn't say that the port scans
are meaningless - merely that they are a fact of life.
And your method may not work for the OP or others - as some people may
have a web server or other running on their LAN that provides services
to family and friends also on the same ISP.
It's been mentioned countless times - know why OpenBSD has never had a
root exploit out-of-box (or so they claim)? Simple - _no_ network
services are enabled by default. You have to learn how to enable it, and
while doing so you hopefully will learn some of the really obvious bad
techniques to avoid. On the other hand, microsoft enables a _LOT_ of
stuff by default, on the off-chance that someone may find it useful.
The user therefore has no need (or incentive) to learn anything, with
the inevitable results.
I don't think you're missing anything that you don't want.
(notice I said ignorant and nix, because there are a LOT of new
ignorant NIX users with exposed systems and more are added every day).
Isn't _that_ the truth. Still, the "popular" *nix tend more towards
the 'not running by default' mode, and stress separation of the root
versus normal users. "Ubuntu Linux" (a Debian clone) goes so far as to
not enable the root account. You can't log in as root. If you need to
do administrative things, you use 'su' or 'sudo'. That of course raises
other problems, but they are much less important than using the system