Security Incidents mailing list archives
Re: Handling Scans.
From: John Nemeth <jnemeth () VICTORIA TC CA>
Date: Wed, 14 Feb 2001 04:43:04 -0800
On Jul 5, 10:27am, Richard Johnson wrote: } } Also, avoid threatening language or mention of law[yers], as many who } receive your reports can't talk to you if you say things like that -- they } have to refer your message to their lawyers instead. In such cases, you } might as well not waste your time. This is very important. Anything that I receive that is threating in any way, demanding, just generally rude, etc., is immediately tossed into the bit bucket without a second thought. Remember that a human is reading the complaint and deserves to be be treated with respect. The point that was above abought having detailed information is also important. If there is insufficient information in a complaint for me to determine what happended and wether the complaint is valid, I will bit bucket it. The biggest problem here is a complaint about e-mail or usenet abuse. Those absolutely must have an example that has a complete set of headers or else forget it. } We often use something like this (this month -- it'll change, but you get } the general idea :-) when we send email to security@, the tech contacts, or } the upstream: } } "Sorry to be the bearer of bad news, but one of your IPs apparently } engaged in a port scan of numerous hosts on our network. This is not } normal behavior, leading us to suspect that your host, or a user account } on that host, may be compromised. If it was compromised, please let us } know so we can compare notes about the techniques used. Thanks! This is a nice note. }-- End of excerpt from Richard Johnson
Current thread:
- Re: Handling Scans., (continued)
- Re: Handling Scans. Richard Johnson (Feb 13)
- Re: Handling Scans. Harlan S. Barney, Jr. (Feb 13)
- Re: Handling Scans. Booke, Raymond (Feb 12)
- Re: Handling Scans. Reeves, Mike (Feb 12)
- Re: Handling Scans. Timothy Lyons (Feb 12)
- Re: Handling Scans. Guillaume Filion (Feb 12)
- Re: Handling Scans. Abe Getchell (Feb 13)
- Re: Handling Scans. Reeves, Mike (Feb 13)
- Re: Handling Scans. Reeves, Mike (Feb 13)
- Re: Handling Scans. Valdis Kletnieks (Feb 13)
- Re: Handling Scans. John Nemeth (Feb 14)
- Re: Handling Scans. John Nemeth (Feb 14)
- Re: Handling Scans. Justin Shore (Feb 14)
- Re: Handling Scans. John Oliver (Feb 14)