Security Incidents mailing list archives
Re: big increase in ftp scanning
From: Andreas Ferber <af () DEVCON NET>
Date: Mon, 13 Nov 2000 10:21:21 +0100
Hi, On Sun, Nov 12, 2000 at 01:19:51PM +1300, Russell Fulton wrote: [t-online abuse policy]
That said we do see a lot of activity from this block so I do wonder how effective their enforcemnet is.
They are actually doing a good job. T-Online has about 7 million customers, so it is only natural that you get much scanning activity from their netblocks. If a single customer gets reported the first time, they really do nothing but recording this, that's right. But if a customer is reported repeated times, they contact him and warn him, and if he doesn't stop scanning, his account is terminated. Here in germany there are also some legal problems which sometimes prevent identifying who was doing the scans. An ISP is only allowed to keep his logs of who had which IP address at which time as long as he needs it to bill the customer. At T-Online this is typically up to 4 or 6 weeks, so if you report an incident later, it is not possible for T-Online to identify the customer. And, last, portscans are nothing illegal, at least here in germany... Andreas -- Andreas Ferber - dev/consulting GmbH - Bielefeld, FRG --------------------------------------------------------- +49 521 1365800 - af () devconsult de - www.devconsult.de
Attachment:
_bin
Description:
Current thread:
- Re: big increase in ftp scanning, (continued)
- Re: big increase in ftp scanning Greg Owen (Nov 01)
- Re: big increase in ftp scanning Michael Bush (Nov 02)
- Re: big increase in ftp scanning Christopher Malek (Nov 05)
- Re: big increase in ftp scanning Mike A. Harris (Nov 02)
- Re: big increase in ftp scanning Thomas Molina (Nov 05)
- Re: big increase in ftp scanning Daniel Roesen (Nov 08)
- Re: big increase in ftp scanning Tuc (Nov 08)
- Re: big increase in ftp scanning Keith Owens (Nov 09)
- Re: big increase in ftp scanning Jan Muenther (Nov 11)
- Re: big increase in ftp scanning Russell Fulton (Nov 13)
- Re: big increase in ftp scanning Andreas Ferber (Nov 14)
- Re: big increase in ftp scanning Jan Muenther (Nov 14)
- Re: big increase in ftp scanning Florian Weimer (Nov 15)
- Re: big increase in ftp scanning Greg Owen (Nov 01)
- Re: big increase in ftp scanning Dirk Meyer (Nov 11)
- Re: big increase in ftp scanning Stefan Tomlik (Nov 13)