Security Incidents mailing list archives
Re: @home: Is *anyone* really home there???
From: Flynnh () MONT DISA MIL (Flynn, Harold M. III)
Date: Mon, 28 Feb 2000 22:47:07 -0000
Ya know, I held my silence, but this one just has me boiling over.
I used to run an ISP, and I'd get this crap at least 100 times a day. When
coming back from a nice relaxing weekend, I'd usually DREAD reading my
email, because it was filled with all this "Jammer" hogwash. I DAMN near
considered seeking a modification to the ToS to ban it. Good idea for an
application, bad implementation.
I will say this, however. I remember when I was a kid, my mom used to tell
me a story about the boy who cried wolf. I think the same applies here. I
found a filter piping anything with the word Jammer to /dev/null was pretty
effective.
> Subject: "Hacker's attack from your server"
>
> This report was automatically generated by Jammer.
> Jammer offers complete protection against NetBus and
BackOrifice.
>
> Type of attack: TCP port scanning
> Time: The time is Sat Feb 26 21:09:56 2000 [Local GMT bias
-6:00]
> Hacker IP: NNN.NNN.NNN.NN ()
> Ports: 39108->51210
>
__________________________________________________________________________
> For further information visit http://jammer.comset.net
>
>I've had words with the Jammer support folks to try and convince
them
>that (a) this kind of event is not necessarily a "scan" of any type
and
>it is most definitely not a "TCP port scan" when seen on its own,
and
>(b) it's just as likely that the source address is forged, (c) to
use a
>better choice of words and to avoid "hack" and "attack" and their
>derivatives, and finally (d) to include the IP number of the client
at
>the time of the incident. Unfortunately I don't think I've had any
>success at convincing them to change anything at all.
>
>--
> Greg A.
Woods
Current thread:
- Re: @home: Is *anyone* really home there???, (continued)
- Re: @home: Is *anyone* really home there??? Jeffrey Papen (Feb 24)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 25)
- Re: @home: Is *anyone* really home there??? Greg A. Woods (Feb 28)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 28)
- Re: @home: Is *anyone* really home there??? David Kennedy CISSP (Feb 28)
- TIS and fingerprinting Dino Amato (Feb 28)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 28)
- Re: @home: Is *anyone* really home there??? Wozz (Feb 25)
- Re: @home: Is *anyone* really home there??? Jeffrey Papen (Feb 24)
- ssh wierdness spiff (Feb 26)
- Re: ssh wierdness Markus Friedl (Feb 28)