FW: Legal? Road Runner proactive scanning.[Scanned]

["James P. Saveker" <james () wetgoat net>]

You consider a port scan to be an attack?

Why is a port scan an attack?  Do other people on this list agree with this?

Perhaps I am naive,

James Saveker
www.wetgoat.net 

"The only thing which helps me maintain my slender grip on reality is the
friendship I share with my collection of singing potatoes..."

This e-mail has been virus checked by Sophos Mail Monitor. There are
inherent dangers in the opening any Attachments contained within e-mails.
wetgoat.net cautions you to make sure that you completely understand the
potential risks before opening any of the Attachments. You are solely
responsible for adequate protection and backup of the data and equipment
used in connection with this e-mail service, and wetgoat.net will not be
liable for any damages that you may suffer in connection with using,
modifying or distributing any of the Attachments.


-----Original Message-----
From: Bryan S. Sampsel [mailto:bsampsel () libertyactivist org] 
Sent: 10 March 2004 23:59
To: security-basics () securityfocus com
Subject: Re: Legal? Road Runner proactive scanning.[Scanned]

I've had entries from that system performing port scans...not simply SMTP
relay checking.

I think it's time to block 'em at the firewall, as I consider this
tantamount to an attack myself.

IMO,

bryan



Greg said:
> We saw the same thing about a year ago and contacted them. They 
> basically read to us verbatim what you have below. We now simply block 
> that particular IP at the firewall. They haven't bothered us since.
>
> --- jbod <for_the_republic () yahoo com> wrote:
> > Proactive scanning.  If everyone did this how would you ever sort 
> > through your logs?  Your IDS would go nuts constantly.
> >
> > Excerpt:  "If your server connects to ours, we reserve the absolute 
> > right to perform SMTP relay and open proxy server tests upon the 
> > connecting IP address, to ensure that the machine at that IP address 
> > cannot be abused for malicious purposes."
> >
> >
> > http://securityscan.sec.rr.com/probing.htm
> > http://24.30.199.228/probing.htm
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Search - Find what you're looking for faster 
> http://search.yahoo.com
>
> ----------------------------------------------------------------------
> ----- Ethical Hacking at the InfoSec Institute. Mention this ad and 
> get $545 off any course! All of our class sizes are guaranteed to be 
> 10 students or less to facilitate one-on-one interaction with one of 
> our expert instructors.
> Attend a course taught by an expert instructor with years of 
> in-the-field pen testing experience in our state of the art hacking 
> lab. Master the skills of an Ethical Hacker to better assess the 
> security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ----------------------------------------------------------------------
> ------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills of an Ethical Hacker to better assess the security of your
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Attachment: smime.p7s
Description: