Security Basics mailing list archives
Re: Legal? Road Runner proactive scanning.
From: "steve" <securityfocus () delahunty com>
Date: Fri, 12 Mar 2004 11:44:56 -0500
Also makes me think that their port scanning is no different than anyone else port scanning you. Is that legal or not --- I would say it is not illegal but not necessarily ethical. And back to the orignal concern, your IDS logs, do you check every entry in your IDS logs? I would think that most IDS logs would not alert on this type activity since it really has become so commonplace. I don't know many places that check every log entry in their IDS but rather focus on those that are truly potential attacks. I do see most of us might make an argument that a port scan is the initial phase of a potentially larger attack later. ----- Original Message ----- From: "Mitchell Rowton" <mrowton () bdo com> To: <bsampsel () libertyactivist org>; <security-basics () securityfocus com> Sent: Thursday, March 11, 2004 5:10 PM Subject: Re: Legal? Road Runner proactive scanning. I'm sure they could argue that a port scan was checking ports for "open proxies." Are they just scanning for port 25 or actually doing an open relay test? Same with proxy, are they just scanning for 8080 and other ports, or are they testing also? Sounds like they are abusing machines to find out if they can be "abused for malicious purposes."
"Bryan S. Sampsel" <bsampsel () libertyactivist org> 03/10/04 06:58PM
I've had entries from that system performing port scans...not simply SMTP relay checking. I think it's time to block 'em at the firewall, as I consider this tantamount to an attack myself. IMO, bryan Greg said:
We saw the same thing about a year ago and contacted them. They basically read to us verbatim what you have below. We now simply
block
that particular IP at the firewall. They haven't bothered us since. --- jbod <for_the_republic () yahoo com> wrote:Proactive scanning. If everyone did this how would you ever sort through your logs? Your IDS would go nuts constantly. Excerpt: "If your server connects to ours, we reserve the absolute right to perform SMTP relay and open proxy server tests upon the connecting IP address, to ensure that the machine at that IP address cannot be abused for malicious purposes." http://securityscan.sec.rr.com/probing.htm http://24.30.199.228/probing.htm__________________________________ Do you Yahoo!? Yahoo! Search - Find what you're looking for faster http://search.yahoo.com
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get
$545 off
any course! All of our class sizes are guaranteed to be 10 students
or
less to facilitate one-on-one interaction with one of our expert
instructors.
Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master
the
skills of an Ethical Hacker to better assess the security of your
organization.
Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- NOTICE: The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof. If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately. --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Legal? Road Runner proactive scanning. jbod (Mar 09)
- Re: Legal? Road Runner proactive scanning. Greg (Mar 10)
- Re: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 11)
- <Possible follow-ups>
- Re: Legal? Road Runner proactive scanning. Mitchell Rowton (Mar 11)
- Re: Legal? Road Runner proactive scanning. steve (Mar 12)
- RE: Legal? Road Runner proactive scanning. Aditya, ALD [Aditya Lalit Deshmukh] (Mar 15)
- RE: Legal? Road Runner proactive scanning. Mark Medici (Mar 12)
- RE: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 12)
- RE: Legal? Road Runner proactive scanning. Aditya, ALD [Aditya Lalit Deshmukh] (Mar 15)
- RE: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 12)
- Re: Legal? Road Runner proactive scanning. Gnuthad (Mar 15)
- RE: Legal? Road Runner proactive scanning. Mark Medici (Mar 15)
- RE: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 15)
- Re: Legal? Road Runner proactive scanning. Greg (Mar 10)