Re: Handling Scans.

[Michael Boman <michael () ELINUX COM SG>]

Joe Shaw wrote:
> On Mon, 12 Feb 2001, Reeves, Mike wrote:
>
> > I was trying to get some community type feedback on what people usually do
> > in handling scans of thier networks. At home I usually look back at the
> > person scanning me. I get scanned about 5 times a day. Should I take the
> > time to contact the admin or should I just let it go? What do most people
> > do?
>
> I generally don't do anything because port scanning isn't against the law.
> At best it may violate the AUP of the ISP/NSP providing the transport, but
> most places don't and won't act upon those types of notifications to
> abuse@.  Just log them and keep your eyes peeled for more nefarious
> behavior that could come after them.  If/when you see that, then it's time
> to get on the horn and start notifying people.

Some countries has different laws, like here in Singapore where I am it
is illigal to portscan without having prior permission to do so. You
have to adjust your security policy acording to your local laws.

Best regards
 Michael Boman

--
"eLINUX  ---  Enabling the Net Economy on Linux"
----------------------------------------------------------
Michael Boman                   eLinux Pte Ltd
LPIC-1                          http://www.elinux.com.sg
Technical Consultant            Tel:    (65)  227 6180
michael () elinux com sg           Fax:    (65)  227 5808
----------------------------------------------------------

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature