Re: A case of beer on 63.204.135.168

[dr.kaos <dr.kaos () kaos to>]

On Friday 22 February 2002 04:48 pm, Jeff Jennings wrote:

> This week's grand prize goes to 63.204.135.168
> For allowing PUT rights on Port 80 (I wonder how many hackers are
> lurking here).
> Being vulnerable on Port 25 and many other ports...
> Anyone need an open relay?

Ok, now, I don't mean to be a dick... but...

Posting someone else's IP to the list, at least in my book, qualifies as bad 
practice. Granted, the guy's box may be insecure, but so are those of the 
majority of the Win box owners out there. Hell, for all we know, this list is 
subscribed to by countless lurking script-kiddies just _hoping_ someone will 
post info like this to the list. 

Let's all do the world a favor and help each other _improve_ the security of 
each other's networks. If you're really concerned, try to contact the 
owner of the box, or more easily, his ISP, and notify him/them of the 
problem. Posting his IP could be constitued as _part_ of the problem.

In this case, I think I'll take a drink on your behalf as well... ;)

> No wonder the guy is spewing Code Reds...
> We just ran a port scan and tested the guy.
> Some guy running IIS over a DSL connection with a site that is listed as
> "Under Construction".
> Just another unsuspecting guy who installed IIS on his home computer and
> has no idea of how to protect it.

Yeah, you're right, they represent the vast majority of the population, but 
let's educate them rather than humiliating them and making them more of a 
target than they likely already are.

Again, I'm not trying to be mean, just wanna be helpful...

..[hiccup]...

peace,

./dr.kaos

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users